CVE-2023-36025

ENISA EUVD: EUVD-2023-40009 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 13 articles Published: 2023-11-14

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

91.47%

probability

This CVE has a 91.47% probability of being exploited in the next 30 days.

0% Top 99.7th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

8.8

HIGH

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Functional

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

NVD

Windows SmartScreen Security Feature Bypass Vulnerability

Affected Products

Microsoft

Windows 10 Version 1809

10.0.17763.0

Microsoft

Windows 10 Version 1809

10.0.0

Microsoft

Windows Server 2019

10.0.17763.0

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0

Microsoft

Windows Server 2022

10.0.20348.0

microsoft

windows 10 1507

microsoft

windows 10 1607

microsoft

windows 10 1809

microsoft

windows 10 21h2

microsoft

windows 10 22h2

Microsoft

Windows 10 Version 1809

10.0.17763.0 <10.0.17763.5122

Microsoft

Windows Server 2008 Service Pack 2

6.0.6003.0 <6.0.6003.22367

Microsoft

Windows Server 2016 (Server Core installation)

10.0.14393.0 <10.0.14393.6452

Microsoft

Windows 11 version 21H2

10.0.0 <10.0.22000.2600

Microsoft

Windows Server 2008 R2 Service Pack 1 (Server Core installation)

6.1.7601.0 <6.1.7601.26816

Microsoft

Windows Server 2012 R2 (Server Core installation)

6.3.9600.0 <6.3.9600.21668

Microsoft

Windows Server 2022

10.0.20348.0 <10.0.20348.2113

Microsoft

Windows 10 Version 22H2

10.0.19045.0 <10.0.19045.3693

Microsoft

Windows Server 2012 R2

6.3.9600.0 <6.3.9600.21668

Microsoft

Windows Server 2012 (Server Core installation)

6.2.9200.0 <6.2.9200.24569

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0 <10.0.17763.5122

Microsoft

Windows Server 2022, 23H2 Edition (Server Core installation)

10.0.25398.0 <10.0.25398.531

Microsoft

Windows Server 2008 R2 Service Pack 1

6.1.7601.0 <6.1.7601.26816

Microsoft

Windows 11 version 22H3

10.0.22631.0 <10.0.22631.2715

Microsoft

Windows 10 Version 1607

10.0.14393.0 <10.0.14393.6452

Microsoft

Windows Server 2008 Service Pack 2

6.0.6003.0 <6.0.6003.22367

Microsoft

Windows 11 Version 23H2

10.0.22631.0 <10.0.22631.2715

Microsoft

Windows 10 Version 1507

10.0.10240.0 <10.0.10240.20308

Microsoft

Windows Server 2008 Service Pack 2 (Server Core installation)

6.0.6003.0 <6.0.6003.22367

Microsoft

Windows Server 2012

6.2.9200.0 <6.2.9200.24569

Microsoft

Windows 10 Version 21H2

10.0.19043.0 <10.0.19043.3693

Microsoft

Windows 10 Version 1809

10.0.0 <10.0.17763.5122

Microsoft

Windows Server 2019

10.0.17763.0 <10.0.17763.5122

Microsoft

Windows Server 2016

10.0.14393.0 <10.0.14393.6452

Microsoft

Windows 11 version 22H2

10.0.22621.0 <10.0.22621.2715

Exploits & PoC

ka7ana/CVE-2023-36025

Quick test for CVE-2023-26025 behaviours

13 2023-11-29

J466Y/test_CVE-2023-36025

test repo for CVE-2023-36025

5 2023-11-28

coolman6942o/-EXPLOIT-CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

5 2023-12-29

3 repos — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025

vendor-advisory

Signal Intelligence

Confidenceⓘ

85%

EPSS 91.47%

CVSS v3.1 8.8

Mentions 13

Last Seen Aug 13, 2024

CNA Information

CNA Assigner

microsoft

CNA Title

Windows SmartScreen Security Feature Bypass Vulnerability

Analyst Note

CVE-2023-36025 is explicitly named as a zero-day exploited in the wild since March 2023, preceding the November 2023 patch publication. Multiple authoritative sources (BleepingComputer, CERT-EU) confirm active exploitation in malware attacks before patch availability, meeting all zero-day criteria.