CVE-2023-24880
Published: 14 March 2023
Summary
CVE-2023-24880 is a medium-severity Incorrect Authorization (CWE-863) vulnerability in Microsoft Windows 10 1607. Its CVSS base score is 4.4 (Medium).
Operationally, it ranks in the top 1.1% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-3 (Malicious Code Protection).
Deeper analysis
Windows SmartScreen contains a security feature bypass vulnerability tracked as CVE-2023-24880. The flaw resides in the SmartScreen component of Windows and received a CVSS 4.4 rating, reflecting a local attack vector, low attack complexity, no privileges required, and required user interaction. It is also classified under CWE-863 (Incorrect Authorization), indicating an improper authorization check that allows the security control to be circumvented.
An attacker with the ability to execute code on a target system can present specially crafted content that SmartScreen fails to evaluate correctly. Successful exploitation permits limited tampering with integrity and availability properties while bypassing the normal warning or blocking behavior that SmartScreen is intended to enforce.
Microsoft’s security update guide provides patches addressing the issue, and the vulnerability appears in CISA’s catalog of known exploited vulnerabilities, confirming that remediation guidance and fixes have been published through official channels.
The EPSS score for this CVE rose from lower values to a recorded peak of 0.7729 on 2025-12-11 before receding to the current 0.7464, indicating sustained post-disclosure exploitation interest that warrants attention from defenders.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-28870
Vulnerability details
Windows SmartScreen Security Feature Bypass Vulnerability
- CWE(s): CWE-863 (Incorrect Authorization)
- KEV Date Added: 14 March 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
- SI-3 (Malicious Code Protection): SmartScreen is a core malicious-code and reputation-based protection mechanism; this CVE directly bypasses its warnings for malicious files and links.
- SI-2 (Flaw Remediation): The vulnerability is already being exploited in the wild and Microsoft has released patches; timely flaw remediation directly closes the bypass.
- Integrity verification of SmartScreen components and downloaded content can detect tampering with, or successful bypass of, the security feature.