CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Aug 1, 2023

CVE-2023-32049

High

EPSS 9.1%CISA KEV

Description

Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.

EPSS — Exploit Probability

9.1%

Higher than 92.5% of all CVEs

Required Action

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-32049; https://nvd.nist.gov/vuln/detail/CVE-2023-32049

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 9.1%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Jul 11, 2023

Added to KEV

Jul 11, 2023

Remediation Due

Aug 1, 2023

Affected Product

Microsoft

Windows

View all Microsoft CVEs

External Links

NVD (NIST)CVE Details MITRE CVE