CVE-2023-29360

Microsoft Streaming Service Elevation of Privilege Vulnerability

CVSS v3 8.4 HIGH

8.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360	Patch Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360	Patch Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29360

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_10_1607:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_1607:::::::x86:*
	cpe:2.3:o:microsoft:windows_10_1809::::::::
	cpe:2.3:o:microsoft:windows_10_21h2::::::::
	cpe:2.3:o:microsoft:windows_10_22h2::::::::
	cpe:2.3:o:microsoft:windows_11_21h2::::::::
	cpe:2.3:o:microsoft:windows_11_22h2::::::::
	cpe:2.3:o:microsoft:windows_server_2016::::::::
	cpe:2.3:o:microsoft:windows_server_2019::::::::
	cpe:2.3:o:microsoft:windows_server_2022::::::::

History

21 Oct 2025, 23:15

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29360 -

21 Oct 2025, 20:19

Type	Values Removed	Values Added
References	~~{'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29360', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}~~

21 Oct 2025, 19:20

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29360 -

21 Nov 2024, 07:56

Type	Values Removed	Values Added
References	~~() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360 - Patch, Vendor Advisory~~	() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360 - Patch, Vendor Advisory

10 Jun 2024, 15:29

Type	Values Removed	Values Added
CPE	cpe:2.3:o:microsoft:windows_10_1809:::::::x86:* cpe:2.3:o:microsoft:windows_10_21h2:::::::x86:* cpe:2.3:o:microsoft:windows_10_22h2:::::::x64:* cpe:2.3:o:microsoft:windows_10_22h2:::::::arm64:* cpe:2.3:o:microsoft:windows_10_22h2:::::::x86:* cpe:2.3:o:microsoft:windows_10_21h2:::::::x64:* cpe:2.3:o:microsoft:windows_11_22h2:::::::x64:* cpe:2.3:o:microsoft:windows_11_21h2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_22h2:::::::arm64:* cpe:2.3:o:microsoft:windows_10_1809:::::::arm64:* cpe:2.3:o:microsoft:windows_10_21h2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_21h2:::::::x64:* cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*	cpe:2.3:o:microsoft:windows_10_22h2:::::::: cpe:2.3:o:microsoft:windows_11_22h2:::::::: cpe:2.3:o:microsoft:windows_10_1809:::::::: cpe:2.3:o:microsoft:windows_10_21h2:::::::: cpe:2.3:o:microsoft:windows_11_21h2::::::::

29 May 2024, 02:15

Type	Values Removed	Values Added
CWE		CWE-822

04 Mar 2024, 14:58

Type	Values Removed	Values Added
CPE	cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::* cpe:2.3:o:microsoft:windows_server_2022:-:::::::*	cpe:2.3:o:microsoft:windows_server_2016:::::::: cpe:2.3:o:microsoft:windows_server_2019:::::::: cpe:2.3:o:microsoft:windows_server_2022::::::::

21 Aug 2023, 20:15

Type	Values Removed	Values Added
CPE		cpe:2.3:o:microsoft:windows_10_22h2:::::::x64:* cpe:2.3:o:microsoft:windows_10_21h2:::::::x86:* cpe:2.3:o:microsoft:windows_server_2022:-:::::::* cpe:2.3:o:microsoft:windows_10_1809:::::::x86:* cpe:2.3:o:microsoft:windows_server_2019:-:::::::* cpe:2.3:o:microsoft:windows_10_1607:::::::x86:* cpe:2.3:o:microsoft:windows_11_21h2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_21h2:::::::x64:* cpe:2.3:o:microsoft:windows_10_22h2:::::::x86:* cpe:2.3:o:microsoft:windows_10_1809:::::::arm64:* cpe:2.3:o:microsoft:windows_10_22h2:::::::arm64:* cpe:2.3:o:microsoft:windows_10_21h2:::::::arm64:* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_11_22h2:::::::arm64:* cpe:2.3:o:microsoft:windows_10_1607:::::::x64:* cpe:2.3:o:microsoft:windows_10_21h2:::::::x64:* cpe:2.3:o:microsoft:windows_10_1809:::::::x64:* cpe:2.3:o:microsoft:windows_11_22h2:::::::x64:*
References	~~(MISC) https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360 -~~	(MISC) https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360 - Patch, Vendor Advisory
Summary	~~Windows TPM Device Driver Elevation of Privilege Vulnerability~~	Microsoft Streaming Service Elevation of Privilege Vulnerability
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 8.4

14 Jun 2023, 03:37

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-14 00:15

Updated : 2025-10-21 23:15

NVD link : CVE-2023-29360

Mitre link : CVE-2023-29360

CVE.ORG link : CVE-2023-29360

JSON object : View

Products Affected

microsoft

windows_10_1809
windows_10_22h2
windows_10_21h2
windows_server_2022
windows_server_2019
windows_10_1607
windows_11_22h2
windows_server_2016
windows_11_21h2

CWE

CWE-822

Untrusted Pointer Dereference

NVD-CWE-noinfo

8.4 /10