CISA Known Exploited Vulnerability

CVE-2023-21823

Microsoft · Windows

Microsoft Windows Graphic Component Privilege Escalation Vulnerability

Date added 2023-02-14

BOD 22-01 due date 2023-03-07

CWE CWE-190

Ransomware Unknown

CISA description

Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.

Required action

Apply updates per vendor instructions.

Notes & references

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

External lookups