KEV · Actively exploited
CVE-2023-36802
HIGH 7.8
KEV
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
EPSS
75.43%
exploit likely
percentile 98.9%
CISA Known Exploited Vulnerability
- Added to KEV
- 2023-09-12
- Remediation deadline
- 2023-10-03
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2022 (Server Core installation) 10.0.20348.1970 Windows Server 2022 10.0.20348.1970 Windows Server 2019 (Server Core installation) 10.0.17763.4851 Windows Server 2019 10.0.17763.4851 Windows 11 22H2 · 2022-H2 10.0.22621.2283 Windows 11 21H2 · 2021-H2 10.0.22000.2416 Windows 10 22H2 · 2022-H2 10.0.19045.3448 Windows 10 21H2 · 2021-H2 10.0.19044.3448 Windows 10 1809 · 2018-09 10.0.17763.4851