CVE-2023-21768

ENISA EUVD: EUVD-2023-25935 ↗

✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 1 article Published: 2023-01-10

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗

EPSS Score

Source: FIRST.org · 2026-05-23

74.42%

probability

This CVE has a 74.42% probability of being exploited in the next 30 days.

0% Top 98.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Unproven

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Description

NVD

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Affected Products

Microsoft

Windows Server 2022

10.0.20348.0

Microsoft

Windows 11 version 21H2

10.0.0

Microsoft

Windows 11 version 22H2

10.0.22621.0

microsoft

windows 11

microsoft

windows server 2022

Microsoft

Windows 11 version 21H2

10.0.0 <10.0.22000.1455

Microsoft

Windows 11 version 22H2

10.0.22621.0 <10.0.22621.1105

Microsoft

Windows Server 2022

10.0.20348.0 <10.0.20348.1487

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-664 · Improper Control of a Resource Through its Lifetime CWE-822 · Untrusted Pointer Dereference

Google Project Zero

Patched

March 14, 2023

Reported by

???

Root Cause Analysis

???

Exploits & PoC

chompie1337/Windows_LPE_AFD_CVE-2023-21768

LPE exploit for CVE-2023-21768

505 2023-07-10

SamuelTulach/nullmap

Using CVE-2023-21768 to manual map kernel mode driver

201 2023-03-10

Malwareman007/CVE-2023-21768

Windows_AFD_LPE_CVE-2023-21768

61 2023-08-27

cl4ym0re/cve-2023-21768-compiled

cve-2023-21768

27 2023-03-10

P4x1s/CVE-2023-21768-POC

CVE-2023-21768 Windows 11 22H2 系统本地提权 POC

23 2023-03-22

zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit

16 2023-04-21

xboxoneresearch/CVE-2023-21768-dotnet

C# / .NET version of CVE-2023-21768

14 2024-09-06

HKxiaoli/Windows_AFD_LPE_CVE-2023-21768

Windows 11 System Permission Elevation

4 2023-03-21

h1bAna/CVE-2023-21768

3 2023-04-05

Rosayxy/Recreate-cve-2023-21768

recreating exp for cve-2023-21768.

1 2023-10-02

IlanDudnik/CVE-2023-21768

Exploit implementation with IO Rings for CVE-2023-21768

1 2025-01-08

ldrx30/CVE-2023-21768

CVE-2023-21768 Proof of Concept

0 2024-04-07

radoi-teodor/CVE-2023-21768-DSE-Bypass

0 2025-08-28

Feede33/Windows-11-Exploit

https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768

0 2026-01-20

14 repos — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21768

vendor-advisory

Signal Intelligence

Confidenceⓘ

95%

EPSS 74.42%

CVSS v3.1 7.8

Mentions 1

Last Seen Jan 10, 2023

CNA Information

CNA Assigner

microsoft

CNA Title

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026

Published DateJan 10, 2023