CVE-2023-36726: 
vulnerability analysis and mitigation

Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability (CVE-2023-36726) is a security flaw affecting various versions of Microsoft Windows operating systems. The vulnerability was disclosed and patched by Microsoft, with a CVSS v3.1 base score of 7.8 (HIGH), indicating a significant security risk (Microsoft Advisory).

The vulnerability has been classified as a Use After Free (CWE-416) issue. It has a CVSS vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating that it requires local access, low attack complexity, low privileges, and no user interaction, while potentially impacting confidentiality, integrity, and availability at high levels (NVD).

The vulnerability affects multiple Windows versions including Windows 10, Windows 11, and various Windows Server editions. If exploited, it could allow an attacker to gain elevated privileges on affected systems (Microsoft Advisory).

Microsoft has released security updates to address this vulnerability. The fix is included in various Windows updates for affected systems, including Windows 10 versions 1507 through 22H2, Windows 11 versions 21H2 and 22H2, and multiple Windows Server versions (Microsoft KB5031066).