Cyber Resilience

CVE-2023-24880

Severity: Medium · CISA KEV · Active Exploitation · EUVD Exploited · Ransomware-linked

Published: 14 March 2023

Modified: 27 October 2025
KEV Added: 14 March 2023
Patch: available (Microsoft has released fixes)
CVSS Score (v3.1): 4.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)
EPSS Score: 0.7464 (98.9th percentile)
Risk Priority: 74 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-24880 is a medium-severity Incorrect Authorization (CWE-863) vulnerability in Microsoft Windows 10 1607. Its CVSS base score is 4.4 (Medium).

Operationally, it ranks in the top 1.1% of CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-3 (Malicious Code Protection).

Deeper analysis

Windows SmartScreen contains a security feature bypass vulnerability tracked as CVE-2023-24880. The flaw resides in the SmartScreen component of Windows and received a CVSS 4.4 rating reflecting a local attack vector, low attack complexity, no required privileges, and required user interaction. It is also associated with CWE-863, indicating improper authorization checks that allow the security control to be circumvented.

An attacker with the ability to execute code on a target system can present specially crafted content that SmartScreen fails to evaluate correctly. Successful exploitation permits limited tampering with integrity and availability properties while bypassing the normal warning or blocking behavior that SmartScreen is intended to enforce.

Microsoft’s security update guide provides patches addressing the issue, and the vulnerability appears in CISA’s catalog of known exploited vulnerabilities, confirming that remediation guidance and fixes have been published through official channels.

EPSS scores for the CVE rose from lower values to a recorded peak of 0.7729 on 2025-12-11 before receding to the current 0.7464, indicating measurable post-disclosure exploitation interest that warrants attention from defenders.


Vulnerability details

Windows SmartScreen Security Feature Bypass Vulnerability

CWE(s): CWE-863 (Incorrect Authorization)
KEV Date Added: 14 March 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor      Product               Affected versions
microsoft   windows 10 1607       ≤ 10.0.14393.5786
microsoft   windows 10 1809       ≤ 10.0.17763.4131
microsoft   windows 10 20h2       ≤ 10.0.19042.2728
microsoft   windows 10 21h2       ≤ 10.0.19044.2728
microsoft   windows 10 22h2       ≤ 10.0.19045.2728
microsoft   windows 11 21h2       ≤ 10.0.22000.1696
microsoft   windows 11 22h2       ≤ 10.0.22000.1413
microsoft   windows server 2016   ≤ 10.0.14393.5786
microsoft   windows server 2019   ≤ 10.0.17763.4131
microsoft   windows server 2022   ≤ 10.0.20348.1602

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent (SI-3, Malicious Code Protection): SmartScreen is a core malicious-code and reputation-based protection mechanism; the CVE directly bypasses its warnings for malicious files and links.

prevent (SI-2, Flaw Remediation): The vulnerability is already being exploited in the wild and Microsoft has released patches; timely flaw remediation directly closes the bypass.

detect: Integrity verification of SmartScreen components and of downloaded content can detect tampering or a successful bypass of the security feature.
