关键信息 漏洞名称: - Windows Kernel Elevation of Privilege Vulnerability 漏洞标识符 (CVE) - CVE-2023-35633 发布日期: - Dec 12, 2023 严重程度: - Important (重要) 漏洞影响: - Elevation of Privilege (权限提升) CVSS 评分: - 7.8 (Base) / 6.8 (Temporal) CVSS 向量字符串: - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C CVSS 度量指标: - 攻击向量 (Attack Vector): Local (本地) - 攻击复杂度 (Attack Complexity): Low (低) - 必要权限 (Privileges Required): Low (低) - 用户交互 (User Interaction): None (无) - 范围 (Scope): Unchanged (不变) - 保密性 (Confidentiality): High (高) - 完整性 (Integrity): High (高) - 可用性 (Availability): High (高) 暂时性风险评估: - 利用代码成熟度 (Exploit Code Maturity): Unproven (未验证) - 修复级别 (Remediation Level): Official Fix (官方修复) 弱项相关性: - CWE-59: Improper Link Resolution Before File Access ('Link Following')