Technical Severity
HIGH
CVSS v3.1 Metrics
7.8
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Exploitation Likelihood
EPSS Prediction
56.50
%
Predictive Probability
Percentile Rank
98.0
th
Documented as more likely to be exploited than 98.0% of known CVEs.
Detection Date
Apr 11, 2023
Remediation Due
May 02, 2023
CISA Catalog Active
Threat Analysis
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Remediation Directive
Apply updates per vendor instructions.