KEV · Actively exploited
CVE-2023-32046
HIGH 7.8
KEV
Windows MSHTML Platform Elevation of Privilege Vulnerability
EPSS
42.66%
moderate exploit risk
percentile 97.5%
CISA Known Exploited Vulnerability
- Added to KEV
- 2023-07-11
- Remediation deadline
- 2023-08-01
- Required action
- Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2022 (Server Core installation) 10.0.20348.1850 Windows Server 2022 10.0.20348.1850 Windows Server 2019 (Server Core installation) 10.0.17763.4645 Windows Server 2019 10.0.17763.4645 Windows Server 2016 (Server Core installation) 10.0.14393.6085 Windows Server 2016 10.0.14393.6085 Windows 11 22H2 · 2022-H2 10.0.22621.1992 Windows 11 21H2 · 2021-H2 10.0.22000.2176 Windows 10 22H2 · 2022-H2 10.0.19045.3208 Windows 10 21H2 · 2021-H2 10.0.19044.3208 Windows 10 1809 · 2018-09 10.0.17763.4645 Windows 10 1607 · 2016-07 10.0.14393.6085