CVE-2023-36424 — Microsoft Windows: Microsoft Windows Out-of-Bounds Read Vulnerability

April 13, 2026 15:00 /HIGH

CISA KEV vulnerabilitycvecisa-kevactively-exploited

CVE-2023-36424 — Microsoft Windows: Microsoft Windows Out-of-Bounds Read Vulnerability

Image via

CVE-2023-36424 — Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

What This Means For You

CISA has confirmed active exploitation — immediate patching required.
Added to CISA KEV catalog — federal agencies must remediate by 2026-04-27.

Related ATT&CK Techniques

T1068 Exploitation for Privilege Escalation Privilege Escalation

🛡️ Detection Rules

1 rules · 5 SIEM formats

1 auto-generated detection rules for this incident, mapped to MITRE ATT&CK. Available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, and QRadar AQL.

high T1068 Privilege Escalation

Privilege Escalation Attempt Detection

Sigma Splunk SPL Sentinel KQL Elastic QRadar AQL

Get this rule in your SIEM's native format — copy, paste, detect. No manual conversion.

1 Sigma rules mapped to the ATT&CK techniques from this breach — pick your SIEM and get a ready-to-paste query.

Get Detection Rules →

Indicators of Compromise

ID	Type	Indicator
CVE-2023-36424	Vulnerability	CVE-2023-36424

Source & Attribution

Source Platform	CISA
Channel	CISA KEV
Published	April 13, 2026 at 15:00 UTC

This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.

Believe this infringes your rights? Submit a takedown request.

What This Means For You

Related ATT&CK Techniques

🛡️ Detection Rules

Privilege Escalation Attempt Detection

Indicators of Compromise

Related Posts

Critical RCE Flaw Hits NuGet Gallery Backend

BoidCMS LFI to RCE: A Critical Template Flaw

Nanobot AI: WebSocket Hijack Puts WhatsApp Sessions at Risk