Technical Severity
HIGHCVSS v3.1 Metrics
7.8
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:CExploitation Likelihood
EPSS Prediction
11.98
%
Predictive Probability
Percentile Rank
95.6
th
Documented as more likely to be exploited than 95.6% of known CVEs.
Detection Date
Nov 14, 2023
Remediation Due
Dec 05, 2023
CISA Catalog Active
Threat Analysis
Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Remediation Directive
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.