https://github.com/tandasat/CVE-2023-36427

Report and exploit of CVE-2023-36427
https://github.com/tandasat/CVE-2023-36427

hyper-v vulnerability

Last synced: 2 months ago
JSON representation

Report and exploit of CVE-2023-36427

• Host: GitHub
• URL: https://github.com/tandasat/CVE-2023-36427
• Owner: tandasat
• License: mit
• Created: 2023-10-09T16:55:18.000Z (12 months ago)
• Default Branch: main
• Last Pushed: 2023-11-22T15:31:34.000Z (11 months ago)
• Last Synced: 2024-04-08T11:35:38.758Z (6 months ago)
• Topics: hyper-v, vulnerability
• Language: C++
• Homepage: https://tandasat.github.io/blog/2023/11/19/CVE-2023-36427.html
• Size: 14.6 KB
• Stars: 88
• Watchers: 3
• Forks: 17
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-vm-exploit - CVE-2023-36427 Windows Hyper-V Elevation of Privilege Vulnerability

README

        
# CVE-2023-36427

This repo contains the report and exploit of [CVE-2023-36427](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36427), memory corruption at arbitrary physical addresses from the root partition on Windows. The details and exploit of the vulnerability are in the [report](report.md) sent to Microsoft.

[![Demo](https://img.youtube.com/vi/NAhhJkA73mY/0.jpg)](https://www.youtube.com/watch?v=NAhhJkA73mY)

## Timeline

- July 2 - Sent a report to a friend of mine at Microsoft.

- July 11 - Received a reply from a member of the team responsible for the issue.

- August 8 - Received a proposal to make the disclosure date November 14.

- August 9 - Agreed with the proposal.

- November 14 - The fix was released.

- November 15 - Disclosed the issue. Notified that the issue was eligible for a 2000 USD bounty award.

Thanks MSRC for transparent communication, the engineering team for fixing this on time, and Andrea ([@aall86](https://twitter.com/aall86)) for helping me share the issue and connecting with the right folks within Microsoft.