Description
Microsoft WordPad Information Disclosure Vulnerability
Reserved 2023-06-23 | Published 2023-10-10 | Updated 2025-07-30 | Assigner
microsoftMEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CISA Known Exploited Vulnerability
Date added 2023-10-10 | Due date 2023-10-31
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Problem types
CWE-20: Improper Input Validation
Product status
10.0.17763.0 before 10.0.17763.4974
affected
10.0.0 before 10.0.17763.4974
affected
10.0.17763.0 before 10.0.17763.4974
affected
10.0.17763.0 before 10.0.17763.4974
affected
10.0.20348.0 before 10.0.20348.2031
affected
10.0.0 before 10.0.22000.2538
affected
10.0.19043.0 before 10.0.19041.3570
affected
10.0.22621.0 before 10.0.22621.2428
affected
10.0.19045.0 before 10.0.19045.3570
affected
10.0.10240.0 before 10.0.10240.20232
affected
10.0.14393.0 before 10.0.14393.6351
affected
10.0.14393.0 before 10.0.14393.6351
affected
10.0.14393.0 before 10.0.14393.6351
affected
6.0.6003.0 before 6.0.6003.22317
affected
6.0.6003.0 before 6.0.6003.22317
affected
6.0.6003.0 before 6.0.6003.22317
affected
6.1.7601.0 before 6.1.7601.26769
affected
6.1.7601.0 before 6.1.7601.26769
affected
6.2.9200.0 before 6.2.9200.24523
affected
6.2.9200.0 before 6.2.9200.24523
affected
6.3.9600.0 before 6.3.9600.21620
affected
6.3.9600.0 before 6.3.9600.21620
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36563 (Microsoft WordPad Information Disclosure Vulnerability) vendor-advisory
cve.org (CVE-2023-36563)
nvd.nist.gov (CVE-2023-36563)
Download JSON
