Home

Awesome

CVE-2023-36427

This repo contains the report and exploit of CVE-2023-36427, memory corruption at arbitrary physical addresses from the root partition on Windows. The details and exploit of the vulnerability are in the report sent to Microsoft.

Demo

Timeline

Thanks MSRC for transparent communication, the engineering team for fixing this on time, and Andrea (@aall86) for helping me share the issue and connecting with the right folks within Microsoft.