April 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2023-36696 – Microsoft Cloud Files Mini Filter Driver Vulnerability
December 14, 2023Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
December 14, 2023Rewterz Threat Advisory – CVE-2023-36696 – Microsoft Cloud Files Mini Filter Driver Vulnerability
December 14, 2023Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
December 14, 2023
Severity
High
Analysis Summary
CVE-2023-35624 CVSS:7.3
Microsoft Azure Connected Machine Agent could allow a local authenticated attacker to gain elevated privileges on the system. By persuading a victim to open a specially crafted file, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2023-35625 CVSS:4.7
Microsoft Azure Machine Learning Compute Instance could allow a local authenticated attacker to obtain sensitive information. An attacker could exploit this vulnerability to obtain Azure Machine Learning training data and use this information to launch further attacks against the affected system.
Impact
- Privileges Escalation
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-35624
- CVE-2023-35625
Affected Vendors
Microsoft
Affected Products
- Microsoft Azure HDInsights
- Microsoft Azure Connected Machine Agent
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
