KEV · Actively exploited
CVE-2023-36874
HIGH 7.8
KEV
Windows Error Reporting Service Elevation of Privilege Vulnerability
EPSS
67.67%
exploit likely
percentile 98.6%
CISA Known Exploited Vulnerability
- Added to KEV
- 2023-07-11
- Remediation deadline
- 2023-08-01
- Required action
- Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2022 (Server Core installation) 10.0.20348.1850 Windows Server 2022 10.0.20348.1850 Windows Server 2019 (Server Core installation) 10.0.17763.4645 Windows Server 2019 10.0.17763.4645 Windows Server 2016 (Server Core installation) 10.0.14393.6085 Windows Server 2016 10.0.14393.6085 Windows 11 22H2 · 2022-H2 10.0.22621.1992 Windows 11 21H2 · 2021-H2 10.0.22000.2176 Windows 10 22H2 · 2022-H2 10.0.19045.3208 Windows 10 21H2 · 2021-H2 10.0.19044.3208 Windows 10 1809 · 2018-09 10.0.17763.4645 Windows 10 1607 · 2016-07 10.0.14393.6085