CVE-2023-0386:

Overview

Severity

High (CVSS 7.8)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Status

Not Exploited

Patch Tuesday

2023-May

Released

2023-03-30

Last Updated

2023-05-03

EPSS Score

52.39% (percentile: 97.9%)

Detection & Weaponization (2 sources)

Maturity: Exploit

• Metasploit modules: Local Privilege Escalation via CVE-2023-0386
• GitHub PoC: 13 repositories

Affected Products (4)

Mariner

• CBL Mariner 2.0 x64
• CBL Mariner 2.0 ARM
• CBL Mariner 1.0 x64
• CBL Mariner 1.0 ARM

Revision History

• 2023-03-30: Information published.
• 2023-04-04: Added hyperv-daemons to CBL-Mariner 1.0
• 2023-05-03: Information published.