CVE-2023-28251: 
vulnerability analysis and mitigation

Windows Driver Revocation List Security Feature Bypass Vulnerability (CVE-2023-28251) was disclosed on May 09, 2023. This vulnerability affects multiple versions of Microsoft Windows including Windows 10, Windows 11, and Windows Server versions (Microsoft Update Guide).

The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium), with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and no user interaction. While it does not impact confidentiality or availability, it can have a high impact on integrity (AttackerKB).

The vulnerability could allow an attacker to bypass Windows Driver Revocation List security features. This could potentially enable the use of revoked drivers, which might lead to system compromise through the execution of malicious drivers (Microsoft Update Guide).

Microsoft has released security updates to address this vulnerability across affected Windows versions. Users are advised to apply the relevant security updates: KB5026361 for Windows 10 versions 20H2, 21H2, and 22H2, KB5026362 for Windows 10 version 1809, KB5026363 for Windows 10 version 1607, KB5026368 for Windows 11 version 21H2, KB5026372 for Windows 11 version 22H2, and various other KB articles for different Windows Server versions (Microsoft Update Guide).