CVE-2023-28229

Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges. Vendor/Product: Microsoft Windows CNG Key Isolation Service. Added to CISA KEV 2023-10-04; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.