CVE-2023-29343: 
Sysmon vulnerability analysis and mitigation

A Local Privilege Escalation vulnerability (CVE-2023-29343) was discovered in Microsoft's SysInternals Sysmon for Windows. The vulnerability was identified and responsibly disclosed to Microsoft by an independent security researcher, with Microsoft releasing the official advisory on May 9th, 2023 (Arctic Wolf).

The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Microsoft has identified this vulnerability as being related to CWE-59 (Improper Link Resolution Before File Access) (NVD).

The vulnerability affects all versions of Windows Sysmon up to (but not including) version 14.16. If successfully exploited, this vulnerability could allow an attacker to escalate privileges on an affected system (NVD).

Microsoft has released Sysmon version 14.16 to address this vulnerability. Organizations are strongly recommended to upgrade to this latest version as part of their next patching cycle. The update can be performed using the Arctic Wolf Sysmon Assistant application, which supports upgrading Sysmon in place without requiring manual uninstallation and reinstallation (Arctic Wolf).