← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-28229 — Actively Exploited: Windows CNG Key Isolation Service (Microsoft)

Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.

CVE IDCVE-2023-28229
VendorMicrosoft
ProductWindows CNG Key Isolation Service
Vulnerability nameMicrosoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Date added2023-10-04
Remediation due2023-10-25
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionMicrosoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →