CVE-2023-21674

ENISA EUVD: EUVD-2023-25841 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 3 articles Published: 2023-01-10

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

11.58%

probability

This CVE has a 11.58% probability of being exploited in the next 30 days.

0% Top 93.7th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

8.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Functional

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

NVD

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

Affected Products

Microsoft

Windows 10 Version 1809

10.0.17763.0

Microsoft

Windows 10 Version 1809

10.0.0

Microsoft

Windows Server 2019

10.0.17763.0

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0

Microsoft

Windows Server 2022

10.0.20348.0

microsoft

windows 10 1507

microsoft

windows 10 1607

microsoft

windows 10 1809

microsoft

windows 10 20h2

microsoft

windows 10 21h2

Microsoft

Windows 11 version 21H2

10.0.0 <10.0.22000.1455

Microsoft

Windows Server 2012 R2 (Server Core installation)

6.3.9600.0 <6.3.9600.20778

Microsoft

Windows Server 2016 (Server Core installation)

10.0.14393.0 <10.0.14393.5648

Microsoft

Windows Server 2022

10.0.20348.0 <10.0.20348.1487

Microsoft

Windows 10 Version 21H2

10.0.19043.0 <10.0.19044.2486

Microsoft

Windows Server 2019

10.0.17763.0 <10.0.17763.3887

Microsoft

Windows Server 2012 R2

6.3.9600.0 <6.3.9600.20778

Microsoft

Windows 10 Version 1507

10.0.10240.0 <10.0.10240.19685

Microsoft

Windows 10 Version 1809

10.0.0 <10.0.17763.3887

Microsoft

Windows 10 Version 1809

10.0.17763.0 <10.0.17763.3887

Microsoft

Windows 11 version 22H2

10.0.22621.0 <10.0.22621.1105

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0 <10.0.17763.3887

Microsoft

Windows Server 2016

10.0.14393.0 <10.0.14393.5648

Microsoft

Windows 10 Version 22H2

10.0.19045.0 <10.0.19045.2486

Microsoft

Windows 10 Version 1607

10.0.14393.0 <10.0.14393.5648

Microsoft

Windows 8.1

6.3.0 <6.3.9600.20778

Microsoft

Windows 10 Version 20H2

10.0.0 <10.0.19042.2486

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-416 · Use After Free CWE-664 · Improper Control of a Resource Through its Lifetime CWE-666 · Operation on Resource in Wrong Phase of Lifetime CWE-672 · Operation on a Resource after Expiration or Release CWE-825 · Expired Pointer Dereference

Google Project Zero

Patched

Jan. 10, 2023

Reported by

Jan Vojtěšek, Milánek, and Przemek Gmerek with Avast

Root Cause Analysis

???

Exploits & PoC

hd3s5aa/CVE-2023-21674

39 2024-04-05

1 repo — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674

vendor-advisory

Signal Intelligence

Confidenceⓘ

82%

EPSS 11.58%

CVSS v3.1 8.8

Mentions 3

Last Seen Jan 11, 2023

CNA Information

CNA Assigner

microsoft

CNA Title

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

Analyst Note

CVE-2023-21674 is confirmed as a legitimate Windows ALPC elevation of privilege vulnerability with a high CVSS score of 8.8, recognized by Google Project Zero and documented in CERT-EU security advisory. The classification is supported by vendor acknowledgment and credible third-party reporting, though limited public coverage (single article) and absence from CISA KEV slightly moderate absolute confidence.

Triage Info

Decided atMar 03, 2026

Published DateJan 10, 2023