What is CVE-2023-38186?

CVE-2023-38186 is a critical vulnerability in Windows Mobile Device Management that allows for elevation of privilege.

Which software are affected by CVE-2023-38186?

CVE-2023-38186 affects Windows Server 2022, Windows 10 (versions 21H2 and 22H2), and Windows 11 (versions 21H2 and 22H2).

How severe is CVE-2023-38186?

CVE-2023-38186 has a severity rating of 9.8, which is considered critical.

How can I fix CVE-2023-38186?

To fix CVE-2023-38186, you should apply the corresponding patches provided by Microsoft. Please refer to the vendor's website for specific patch URLs.

Where can I find more information about CVE-2023-38186?

You can find more information about CVE-2023-38186 on the Microsoft Security Response Center's website at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186.

Vulnerability/
CVE-2023-38186

critical

9.8

CWE

306

8/8/2023

19/7/2024

CVE-2023-38186: Windows Mobile Device Management Elevation of Privilege Vulnerability

First published: Tue Aug 08 2023(Updated: )

Windows Mobile Device Management Elevation of Privilege Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 10 21h2
Microsoft Windows 10 21h2
Microsoft Windows 10 21h2
Microsoft Windows 10 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 22h2
Microsoft Windows Server 2022

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186 (Advisory)

Frequently Asked Questions

What is CVE-2023-38186?
CVE-2023-38186 is a critical vulnerability in Windows Mobile Device Management that allows for elevation of privilege.
Which software are affected by CVE-2023-38186?
CVE-2023-38186 affects Windows Server 2022, Windows 10 (versions 21H2 and 22H2), and Windows 11 (versions 21H2 and 22H2).
How severe is CVE-2023-38186?
CVE-2023-38186 has a severity rating of 9.8, which is considered critical.
How can I fix CVE-2023-38186?
To fix CVE-2023-38186, you should apply the corresponding patches provided by Microsoft. Please refer to the vendor's website for specific patch URLs.
Where can I find more information about CVE-2023-38186?
You can find more information about CVE-2023-38186 on the Microsoft Security Response Center's website at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186.

collector/msrc
agent/author
source/Microsoft
collector/msrc-cve
agent/type
agent/first-publish-date
agent/software-canonical-lookup
agent/references
agent/remedy
agent/title
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/last-modified-date
agent/severity
agent/weakness
agent/tags
vendor/microsoft
canonical/microsoft windows server 2022
canonical/microsoft windows 11
version/microsoft windows 11/21h2
version/microsoft windows 11/22h2
canonical/microsoft windows 10
version/microsoft windows 10/21h2
version/microsoft windows 10/22h2
canonical/microsoft windows 10 21h2
canonical/microsoft windows 10 22h2
canonical/microsoft windows 11 21h2
canonical/microsoft windows 11 22h2