Report Name: Microsoft Patch Tuesday, April 2023
Generated: 2023-04-23 12:27:35

Vulristics Vulnerability Scores
Basic Vulnerability Scores
Products

Product NamePrevalenceUCHMLComment
Kerberos11Kerberos
Microsoft Message Queuing0.93Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95
Remote Procedure Call Runtime0.911Remote Procedure Call Runtime
Windows DNS Server0.981Windows component
Windows Kernel0.918Windows Kernel
Windows NTLM0.91A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity
Windows Win32k0.911Windows kernel-mode driver
Microsoft Defender0.81Anti-malware component of Microsoft Windows
Microsoft Edge0.81411Web browser
Microsoft PostScript and PCL6 Class Printer Driver0.8111Microsoft standard printer driver for PostScript printers
RPC0.81Remote Procedure Call Runtime
Windows Domain Name Service0.81Windows component
Windows Advanced Local Procedure Call (ALPC)0.81Windows component
Windows Ancillary Function Driver for WinSock0.81Windows component
Windows Bluetooth Driver0.81Windows component
Windows Boot Manager0.82Windows component
Windows CNG Key Isolation Service0.81Windows component
Windows Clip Service0.81Windows component
Windows Common Log File System Driver0.811Windows component
Windows Enroll Engine0.81Windows component
Windows Error Reporting Service0.81Windows component
Windows Graphics Component0.81Windows component
Windows Group Policy0.81Windows component
Windows Internet Key Exchange (IKE) Protocol Extensions0.81Windows component
Windows Kernel Memory0.81Windows component
Windows Lock Screen0.82Windows component
Windows Network Address Translation (NAT)0.81Windows component
Windows Network File System0.81Windows component
Windows Network Load Balancing0.81Windows component
Windows Point-to-Point Protocol over Ethernet (PPPoE)0.81Windows component
Windows Point-to-Point Tunneling Protocol0.81Windows component
Windows Pragmatic General Multicast (PGM)0.81Windows component
Windows Registry0.81Windows component
Windows Remote Desktop Protocol0.81Windows component
Windows Remote Procedure Call Service (RPCSS)0.81Windows component
Windows Secure Channel0.83Windows component
Windows Secure Socket Tunneling Protocol (SSTP)0.81Windows component
Windows Snipping Tool0.81Windows component
.NET0.71.NET
Microsoft SharePoint0.71Microsoft SharePoint
Raw Image Extension0.72Raw Image Extension
Microsoft Office0.61Microsoft Office
Microsoft SQL0.61Microsoft SQL
Microsoft Word0.61MS Office product
Azure Machine Learning0.51Azure Machine Learning
Azure Service Connector0.51Azure Service Connector
DHCP Server Service0.51DHCP Server Service
Layer 2 Tunneling Protocol0.52Layer 2 Tunneling Protocol
Microsoft Dynamics 365 (on-premises)0.52Microsoft Dynamics 365 (on-premises)
Microsoft Dynamics 365 Customer Voice0.51Microsoft Dynamics 365 Customer Voice
Microsoft ODBC and OLE DB0.52Microsoft ODBC and OLE DB
Microsoft Publisher0.52Microsoft Publisher
Microsoft WDAC OLE DB provider for SQL Server0.51Microsoft WDAC OLE DB provider for SQL Server
Visual Studio0.313Integrated development environment
Visual Studio Code0.31Integrated development environment


Vulnerability Types

Vulnerability TypeCriticalityUCHMLComment
Remote Code Execution1.01404Remote Code Execution
Security Feature Bypass0.965Security Feature Bypass
Denial of Service0.727Denial of Service
Memory Corruption0.6113Memory Corruption
Elevation of Privilege0.51218Elevation of Privilege
Cross Site Scripting0.43Cross Site Scripting
Information Disclosure0.411Information Disclosure
Spoofing0.46Spoofing
Tampering0.31Tampering
Unknown Vulnerability Type02Unknown Vulnerability Type


Vulnerabilities

Urgent (0)

Critical (2)

1. Elevation of Privilege - Windows Common Log File System Driver (CVE-2023-28252) - Critical [665]

Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild1.018Exploitation in the wild is mentioned on Vulners (cisa_kev object), AttackerKB, Microsoft websites
Public Exploit Exists0.617The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Functional Exploit)
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00043, EPSS Percentile is 0.07489

qualys: CVE-2023-28252: Windows Common Log File System Driver Elevation of Privilege Vulnerability An attacker may exploit this vulnerability in a low-complexity attack. On successful exploitation, an attacker will gain SYSTEM privileges. Microsoft has mentioned in the advisory that the vulnerability is being exploited in the wild. Cybercriminals have used the vulnerability to deploy Nokoyawa Ransomware. The identity of the threat actor or APT group using Nokoyawa is yet to be disclosed. The attacks are happening in South and North America, regions across Asia, and SMBs in the Middle East. Additionally, CISA has also added this vulnerability to its Known Exploitable Vulnerabilities Catalog.

tenable: Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)

tenable: CVE-2023-28252 | Windows Common Log File System Driver Elevation of Privilege Vulnerability

tenable: CVE-2023-28252 is an EoP vulnerability in the Windows Common Log File System (CLFS) Driver, a logging service used by kernel-mode and user-mode applications. It was assigned a CVSSv3 score of 7.8. This vulnerability is a post-compromise flaw, meaning an attacker could exploit it after gaining access to a vulnerable target. Successful exploitation would elevate an attacker’s privileges SYSTEM. According to Microsoft, it was exploited in the wild as a zero day. Its discovery is attributed to Genwei Jiang of Mandiant and Quan Jin with DBAPPSecurity WeBin Lab.

tenable: CVE-2023-28252 is the second CLFS Driver EoP vulnerability to be exploited in the wild in 2023, as CVE-2023-23376 was disclosed in the February 2023 Patch Tuesday. It is the fourth known CLFS EoP vulnerability to be exploited in the wild in the last two years, following CVE-2022-24521 from the April 2022 Patch Tuesday and CVE-2022-37969 from the September 2022 Patch Tuesday release. CVE-2022-37969 was also disclosed to Microsoft by Wang and Jin, though it is unclear if there is any connection between both flaws.

rapid7: Over the last 18 months or so, Rapid7 has written several times about the prevalence of driver-based attacks. This month's sole zero-day vulnerability – a driver-based elevation of privilege – will only reinforce the popularity of the vector among threat actors. Successful exploitation of CVE-2023-28252 allows an attacker to obtain SYSTEM privileges via a vulnerability in the Windows Common Log File System (CLFS) driver. Microsoft has patched more than one similar CLFS driver vulnerability over the past year, including CVE-2023-23376 in February 2023 and CVE-2022-37969 in September 2022.

rapid7: Microsoft has released patches for the zero-day vulnerability CVE-2023-28252 for all current versions of Windows. Microsoft is not aware of public disclosure, but has detected in-the-wild exploitation and is aware of functional exploit code. The assigned base CVSSv3 score of 7.8 lands this vulnerability near the top of the High severity range, which is expected since it gives complete control of an asset, but a remote attacker must first find some other method to access the target.

zdi: CVE-2023-28252 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. This is the one bug under active attack this month, and if it seems familiar, that’s because there was a similar 0-day patched in the same component just two months ago. To me, that implies the original fix was insufficient and attackers have found a method to bypass that fix. As in February, there is no information about how widespread these attacks may be. This type of exploit is typically paired with a code execution bug to spread malware or ransomware. Definitely test and deploy this patch quickly.

2. Remote Code Execution - Microsoft Word (CVE-2023-28311) - Critical [647]

Description: Microsoft Word Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists1.017The existence of a publicly available exploit is mentioned on Vulners website (Microsoft Word Remote Code Execution, Microsoft Word 16.72.23040900 - Remote Code Execution Vulnerability, Microsoft Word 16.72.23040900 - Remote Code Execution (RCE))
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614MS Office product
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.610EPSS Probability is 0.00217, EPSS Percentile is 0.58123

High (61)

3. Remote Code Execution - Microsoft Message Queuing (CVE-2023-21554) - High [542]

Description: Microsoft Message Queuing Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95
CVSS Base Score1.010CVSS Base Score is 9.8. According to Microsoft data source
EPSS Percentile0.810EPSS Probability is 0.01372, EPSS Percentile is 0.84277

qualys: CVE-2023-21554: Microsoft Message Queuing Remote Code Execution Vulnerability (QueueJumper) Message Queuing (MSMQ) is a protocol developed by Microsoft to ensure reliable communication between Windows computers across different networks, even when a host is temporarily not connected (by maintaining a message queue of undelivered messages). The Windows message queuing service needs to be enabled for the system to be exploitable. This feature can be enabled using the Control Panel. To exploit this vulnerability, an attacker must send a specially crafted malicious MSMQ packet to an MSMQ server to perform remote code execution on the server side.

qualys: CVE-2023-21554: Microsoft Message Queuing Remote Code Execution Vulnerability   This vulnerability has a CVSSv3.1 9.8 / 8.5   Policy Compliance Control IDs (CIDs):   4030 Status of the ‘Windows Message Queuing Service’   14916 Status of Windows Services   14297 Status of the open network connections and listening ports (Qualys Agent only)  The following QQL will return a posture assessment for the CIDs for this Patch Tuesday:   control.id: [4030,14916,14297,10472,10475,10474,13918,10473,16104,4026] 

qualys: CVE-2023-21554: Microsoft Message Queuing Remote Code Execution Vulnerability  This vulnerability has a CVSSv3.1 score of 9.8/10.  Exploitability Assessment: Exploitation More Likely

tenable: CVE-2023-21554 | Microsoft Message Queuing Remote Code Execution Vulnerability

tenable: CVE-2023-21554 is a RCE vulnerability affecting Microsoft Message Queuing (MSMQ) with a CVSSv3 score of 9.8. An attacker could exploit this flaw by sending a specially crafted MSMQ packet to an affected MSMQ server. Microsoft’s advisory notes that exploitation of this flaw requires the Windows message queuing service to be enabled. When enabled, TCP port 1801 will be listening on the host.

rapid7: Microsoft rates seven of this month’s RCE vulnerabilities as Critical, including two related vulnerabilities with a CVSSv3 base score of 9.8. CVE-2023-28250 describes a vulnerability in Windows Pragmatic General Multicast (PGM) which allows an attacker to achieve RCE by sending a specially crafted file over the network. CVE-2023-21554 allows an attacker to achieve RCE by sending a specially crafted Microsoft Messaging Queue packet. In both cases, the Microsoft Message Queueing Service must be enabled and listening on port 1801 for an asset to be vulnerable. The Message Queueing Service is not installed by default. Even so, Microsoft considers exploitation of CVE-2023-21554 more likely.

zdi: CVE-2023-21554 – Microsoft Message Queuing Remote Code Execution Vulnerability. This is a CVSS 9.8 bug and receives Microsoft’s highest exploitability rating. It allows a remote, unauthenticated attacker to run their code with elevated privileges on affected servers with the Message Queuing service enabled. This service is disabled by default but is commonly used by many contact center applications. It listens to TCP port 1801 by default, so blocking this at the perimeter would prevent external attacks. However, it’s not clear what impact this may have on operations. Your best option is to test and deploy the update.

4. Remote Code Execution - Windows Pragmatic General Multicast (PGM) (CVE-2023-28250) - High [526]

Description: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score1.010CVSS Base Score is 9.8. According to Microsoft data source
EPSS Percentile0.810EPSS Probability is 0.01074, EPSS Percentile is 0.82098

qualys: CVE-2023-28250: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Pragmatic General Multicast (PGM) is a multicast computer network transport protocol best suited for applications like multi-receiver file transfer. The protocol provides a reliable sequence of packets to multiple recipients simultaneously. The system will be exploitable if the Windows Message Queuing service is enabled. An attacker may send a specially crafted file over the network for remote code execution.

qualys: CVE-2023-28250: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability   This vulnerability has a CVSSv3.1 9.8 / 8.5   Policy Compliance Control IDs (CIDs):   4030 Status of the ‘Windows Message Queuing Service’   14916 Status of Windows Services   14297 Status of the open network connections and listening ports (Qualys Agent only)  

qualys: CVE-2023-28250: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability  This vulnerability has a CVSSv3.1 score of 9.8/10.  Exploitability Assessment: Exploitation More Likely

tenable: CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

tenable: CVE-2023-28250 is a RCE vulnerability affecting Windows Pragmatic General Multicast (PGM). Successful exploitation requires the MSMQ service to be enabled. An attacker could exploit this flaw by sending a crafted file over the network in order to execute arbitrary code. This vulnerability has a CVSSv3 score of 9.8 and impacts supported versions of Windows including Server Core installations.

rapid7: Microsoft rates seven of this month’s RCE vulnerabilities as Critical, including two related vulnerabilities with a CVSSv3 base score of 9.8. CVE-2023-28250 describes a vulnerability in Windows Pragmatic General Multicast (PGM) which allows an attacker to achieve RCE by sending a specially crafted file over the network. CVE-2023-21554 allows an attacker to achieve RCE by sending a specially crafted Microsoft Messaging Queue packet. In both cases, the Microsoft Message Queueing Service must be enabled and listening on port 1801 for an asset to be vulnerable. The Message Queueing Service is not installed by default. Even so, Microsoft considers exploitation of CVE-2023-21554 more likely.

5. Remote Code Execution - Windows Internet Key Exchange (IKE) Protocol Extensions (CVE-2023-28238) - High [514]

Description: Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.910EPSS Probability is 0.0423, EPSS Percentile is 0.90965

qualys: CVE-2023-28238: Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability   This vulnerability has a CVSSv3.1 7.5 / 6.5   Policy Compliance Control IDs (CIDs):   4026 Status of the Windows IKE and AuthIP IPsec Keying Modules service   14916 Status of Windows Services  

qualys: CVE-2023-28238: Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability  This vulnerability has a CVSSv3.1 score of 7.5/10. Exploitability Assessment: Exploitation Less Likely 

6. Remote Code Execution - Windows Point-to-Point Tunneling Protocol (CVE-2023-28232) - High [502]

Description: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.810EPSS Probability is 0.00609, EPSS Percentile is 0.75497

qualys: CVE-2023-28232: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Point-to-Point Tunneling Protocol enables secure data transmission from a remote client to a private enterprise server with the help of a virtual private network (VPN) across TCP/IP-based data networks. The vulnerability arises when a user connects a Windows client to a malicious server. An attacker must perform additional actions to prepare the target environment for exploitation.

7. Remote Code Execution - .NET (CVE-2023-28260) - High [495]

Description: .NET DLL Hijacking Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714.NET
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00061, EPSS Percentile is 0.23876

8. Remote Code Execution - Remote Procedure Call Runtime (CVE-2023-21727) - High [495]

Description: Remote Procedure Call Runtime Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Remote Procedure Call Runtime
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

9. Remote Code Execution - Microsoft ODBC and OLE DB (CVE-2023-23375) - High [485]

Description: Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Microsoft ODBC and OLE DB
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

10. Remote Code Execution - Microsoft ODBC and OLE DB (CVE-2023-28304) - High [485]

Description: Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Microsoft ODBC and OLE DB
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

11. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24884) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

12. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24885) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00147, EPSS Percentile is 0.49242

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

13. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24886) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

14. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24887) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

15. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24924) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

16. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24925) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

17. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24926) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

18. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24927) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

19. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24928) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

20. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24929) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

21. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-28243) - High [478]

Description: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54912

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

22. Remote Code Execution - Microsoft WDAC OLE DB provider for SQL Server (CVE-2023-28275) - High [476]

Description: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Microsoft WDAC OLE DB provider for SQL Server
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.910EPSS Probability is 0.02137, EPSS Percentile is 0.87583

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

23. Remote Code Execution - Windows DNS Server (CVE-2023-28254) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 7.2. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00189, EPSS Percentile is 0.54867

24. Remote Code Execution - Windows DNS Server (CVE-2023-28255) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00146, EPSS Percentile is 0.49175

25. Remote Code Execution - Windows DNS Server (CVE-2023-28256) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00146, EPSS Percentile is 0.49175

26. Remote Code Execution - Windows DNS Server (CVE-2023-28278) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00135, EPSS Percentile is 0.47323

27. Remote Code Execution - Windows DNS Server (CVE-2023-28305) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00135, EPSS Percentile is 0.47323

28. Remote Code Execution - Windows DNS Server (CVE-2023-28306) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00135, EPSS Percentile is 0.47323

29. Remote Code Execution - Windows DNS Server (CVE-2023-28307) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00135, EPSS Percentile is 0.47323

30. Remote Code Execution - Windows DNS Server (CVE-2023-28308) - High [471]

Description: Windows DNS Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00135, EPSS Percentile is 0.47323

31. Remote Code Execution - Windows Kernel (CVE-2023-28237) - High [471]

Description: Windows Kernel Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

32. Remote Code Execution - Windows Network Load Balancing (CVE-2023-28240) - High [466]

Description: Windows Network Load Balancing Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

33. Remote Code Execution - Microsoft SQL (CVE-2023-23384) - High [457]

Description: Microsoft SQL Server Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Microsoft SQL
CVSS Base Score0.710CVSS Base Score is 7.3. According to Microsoft data source
EPSS Percentile0.810EPSS Probability is 0.01074, EPSS Percentile is 0.82098

zdi: CVE-2023-23384 – Microsoft SQL Server Remote Code Execution Vulnerability. This is a silent patch released by Microsoft in February and is just now being documented. The problem of silent patching has already been well documented, so I won’t rehash it here. The patch fixes an OOB Write bug in the SQLcmd tool that could allow a remote, unauthenticated attacker to exploit code with elevated privileges. While not listed in the CVSS, the attack complexity seems high since the attacker can only control a few bytes at a time. A server crash is much more likely. If you’re running SQL server, read the Cumulative Update table to ensure you have both the February and April updates installed.

34. Remote Code Execution - Windows Domain Name Service (CVE-2023-28223) - High [454]

Description: Windows Domain Name Service Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 6.6. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00146, EPSS Percentile is 0.49175

35. Remote Code Execution - Windows Bluetooth Driver (CVE-2023-28227) - High [454]

Description: Windows Bluetooth Driver Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00106, EPSS Percentile is 0.41842

36. Remote Code Execution - Layer 2 Tunneling Protocol (CVE-2023-28219) - High [452]

Description: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Layer 2 Tunneling Protocol
CVSS Base Score0.810CVSS Base Score is 8.1. According to Microsoft data source
EPSS Percentile0.810EPSS Probability is 0.00641, EPSS Percentile is 0.76192

qualys: CVE-2023-28219 & CVE-2023-28220: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used mainly by Internet Service Providers and Virtual Private Networks (VPNs). L2TP is one of the protocols that help in ensuring security and privacy by enabling a tunnel for Layer 2 traffic over a Layer 3 network. To exploit this vulnerability, an attacker is required to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server and perform remote code execution on the RAS server machine.

37. Remote Code Execution - Layer 2 Tunneling Protocol (CVE-2023-28220) - High [452]

Description: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Layer 2 Tunneling Protocol
CVSS Base Score0.810CVSS Base Score is 8.1. According to Microsoft data source
EPSS Percentile0.810EPSS Probability is 0.00641, EPSS Percentile is 0.76192

qualys: CVE-2023-28219 & CVE-2023-28220: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used mainly by Internet Service Providers and Virtual Private Networks (VPNs). L2TP is one of the protocols that help in ensuring security and privacy by enabling a tunnel for Layer 2 traffic over a Layer 3 network. To exploit this vulnerability, an attacker is required to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server and perform remote code execution on the RAS server machine.

38. Remote Code Execution - Visual Studio (CVE-2023-28296) - High [452]

Description: Visual Studio Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.314Integrated development environment
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

39. Remote Code Execution - Windows Point-to-Point Protocol over Ethernet (PPPoE) (CVE-2023-28224) - High [442]

Description: Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 7.1. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00106, EPSS Percentile is 0.41595

40. Remote Code Execution - Raw Image Extension (CVE-2023-28291) - High [438]

Description: Raw Image Extension Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714Raw Image Extension
CVSS Base Score0.810CVSS Base Score is 8.4. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

qualys: CVE-2023-28291: Raw Image Extension Remote Code Execution Vulnerability An attacker must log on to the system to exploit the vulnerability. An attacker may trick a local user into opening a malicious file containing a specially crafted application to take control of the system. To open the specially crafted file, an attacker must first convince the user to click a link, usually sent via an email or instant message.

41. Remote Code Execution - Raw Image Extension (CVE-2023-28292) - High [438]

Description: Raw Image Extension Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714Raw Image Extension
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

42. Security Feature Bypass - Microsoft Edge (CVE-2023-1814) - High [436]

Description: Chromium: CVE-2023-1814 Insufficient validation of untrusted input in Safe Browsing. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.00136, EPSS Percentile is 0.47518

MS PT Extended: CVE-2023-1814 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

43. Elevation of Privilege - Windows Win32k (CVE-2023-28274) - High [427]

Description: Windows Win32k Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows kernel-mode driver
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

44. Security Feature Bypass - Microsoft Edge (CVE-2023-1817) - High [425]

Description: Chromium: CVE-2023-1817 Insufficient policy enforcement in Intents. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.43465

MS PT Extended: CVE-2023-1817 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

45. Security Feature Bypass - Microsoft Edge (CVE-2023-1823) - High [425]

Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1823 Inappropriate implementation in FedCM. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)', 'combined_cve_data_all': ''}

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.43465

MS PT Extended: CVE-2023-1823 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

46. Remote Code Execution - Microsoft Office (CVE-2023-28285) - High [421]

Description: Microsoft Office Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Microsoft Office
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00114, EPSS Percentile is 0.43636

47. Memory Corruption - Microsoft Edge (CVE-2023-1534) - High [419]

Description: Chromium: CVE-2023-1534 Out of bounds read in ANGLE. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.610EPSS Probability is 0.00229, EPSS Percentile is 0.59519

MS PT Extended: CVE-2023-1534 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

48. Security Feature Bypass - Windows Enroll Engine (CVE-2023-28226) - High [413]

Description: Windows Enroll Engine Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.510CVSS Base Score is 5.3. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00149, EPSS Percentile is 0.49622

49. Elevation of Privilege - Kerberos (CVE-2023-28244) - High [410]

Description: Windows Kerberos Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common114Kerberos
CVSS Base Score0.810CVSS Base Score is 8.1. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00138, EPSS Percentile is 0.47905

qualys: CVE-2023-28244: Windows Kerberos Elevation of Privilege Vulnerability   This vulnerability has a CVSSv3.1 8.1 / 7.1   Policy Compliance Control IDs (CIDs):   10472 Status of the ‘Turn On Virtualization Based Security’ setting   10475 Status of the ‘Turn On Virtualization Based Security (Select Platform Security Level)’ setting   10474 Status of the ‘Turn On Virtualization Based Security (Enable Virtualization Based Protection of Code Integrity)’ setting   13918 Status of ‘Turn On Virtualization Based Security: Require UEFI Memory Attributes Table’ group policy   10473 Status of the ‘Turn On Virtualization Based Security (Credential Guard Configuration)’ setting   16104 Status of the ‘Turn On Virtualization Based Security (Secure Launch Configuration)’ GPO setting  

qualys: CVE-2023-28244: Windows Kerberos Elevation of Privilege Vulnerability  This vulnerability has a CVSSv3.1 score of 8.1/10. Exploitability Assessment: Exploitation Less Likely  Note: Scripts will be available in the CAR script library.

50. Memory Corruption - Microsoft Edge (CVE-2023-1528) - High [407]

Description: Chromium: CVE-2023-1528 Use after free in Passwords. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to NVD data source
EPSS Percentile0.510EPSS Probability is 0.00127, EPSS Percentile is 0.45993

MS PT Extended: CVE-2023-1528 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

51. Memory Corruption - Microsoft Edge (CVE-2023-1529) - High [407]

Description: Chromium: CVE-2023-1529 Out of bounds memory access in WebHID. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score1.010CVSS Base Score is 9.8. According to NVD data source
EPSS Percentile0.410EPSS Probability is 0.00096, EPSS Percentile is 0.38951

MS PT Extended: CVE-2023-1529 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

52. Memory Corruption - Microsoft Edge (CVE-2023-1530) - High [407]

Description: Chromium: CVE-2023-1530 Use after free in PDF. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to NVD data source
EPSS Percentile0.510EPSS Probability is 0.00127, EPSS Percentile is 0.45993

MS PT Extended: CVE-2023-1530 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

53. Memory Corruption - Microsoft Edge (CVE-2023-1531) - High [407]

Description: Chromium: CVE-2023-1531 Use after free in ANGLE. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to NVD data source
EPSS Percentile0.510EPSS Probability is 0.00127, EPSS Percentile is 0.45993

MS PT Extended: CVE-2023-1531 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

54. Memory Corruption - Microsoft Edge (CVE-2023-1532) - High [407]

Description: Chromium: CVE-2023-1532 Out of bounds read in GPU Video. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to NVD data source
EPSS Percentile0.510EPSS Probability is 0.00133, EPSS Percentile is 0.47002

MS PT Extended: CVE-2023-1532 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

55. Memory Corruption - Microsoft Edge (CVE-2023-1810) - High [407]

Description: Chromium: CVE-2023-1810 Heap buffer overflow in Visuals. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.00157, EPSS Percentile is 0.50694

MS PT Extended: CVE-2023-1810 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

56. Memory Corruption - Microsoft Edge (CVE-2023-1811) - High [407]

Description: Chromium: CVE-2023-1811 Use after free in Frames. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.00127, EPSS Percentile is 0.45993

MS PT Extended: CVE-2023-1811 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

57. Memory Corruption - Microsoft Edge (CVE-2023-1815) - High [407]

Description: Chromium: CVE-2023-1815 Use after free in Networking APIs. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.00127, EPSS Percentile is 0.45993

MS PT Extended: CVE-2023-1815 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

58. Memory Corruption - Microsoft Edge (CVE-2023-1818) - High [407]

Description: Chromium: CVE-2023-1818 Use after free in Vulkan. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.00127, EPSS Percentile is 0.45993

MS PT Extended: CVE-2023-1818 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

59. Memory Corruption - Microsoft Edge (CVE-2023-1820) - High [407]

Description: Chromium: CVE-2023-1820 Heap buffer overflow in Browser History. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.00132, EPSS Percentile is 0.46683

MS PT Extended: CVE-2023-1820 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

60. Denial of Service - Microsoft Message Queuing (CVE-2023-21769) - High [405]

Description: Microsoft Message Queuing Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.914Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

tenable: In addition to this RCE flaw, two denial of service CVEs (CVE-2023-21769 and CVE-2023-28302) rated as “important” were also patched in MSMQ this month.

61. Denial of Service - Microsoft Message Queuing (CVE-2023-28302) - High [405]

Description: Microsoft Message Queuing Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.914Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

tenable: In addition to this RCE flaw, two denial of service CVEs (CVE-2023-21769 and CVE-2023-28302) rated as “important” were also patched in MSMQ this month.

62. Security Feature Bypass - Windows Lock Screen (CVE-2023-28235) - High [401]

Description: Windows Lock Screen Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 6.8. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00051, EPSS Percentile is 0.17724

63. Security Feature Bypass - Windows Lock Screen (CVE-2023-28270) - High [401]

Description: Windows Lock Screen Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 6.8. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00051, EPSS Percentile is 0.17724

Medium (60)

64. Memory Corruption - Microsoft Edge (CVE-2023-1533) - Medium [395]

Description: Chromium: CVE-2023-1533 Use after free in WebProtect. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.410EPSS Probability is 0.00107, EPSS Percentile is 0.41927

MS PT Extended: CVE-2023-1533 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

65. Memory Corruption - Microsoft Edge (CVE-2023-1812) - Medium [395]

Description: Chromium: CVE-2023-1812 Out of bounds memory access in DOM Bindings. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.910CVSS Base Score is 8.8. According to Vulners data source
EPSS Percentile0.410EPSS Probability is 0.00115, EPSS Percentile is 0.43675

MS PT Extended: CVE-2023-1812 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

66. Remote Code Execution - DHCP Server Service (CVE-2023-28231) - Medium [392]

Description: DHCP Server Service Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514DHCP Server Service
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00061, EPSS Percentile is 0.23876

qualys: CVE-2023-28231: DHCP Server Service Remote Code Execution Vulnerability Dynamic Host Configuration Protocol (DHCP) is a network server that helps clients successfully communicate on the network. The protocol provides an Internet Protocol (IP) host with its IP address. An authenticated attacker may exploit this vulnerability by sending a specially crafted RPC call to the DHCP service. An attacker must gain access to the restricted network before performing the attack for successful exploitation.

tenable: CVE-2023-28231 | DHCP Server Service Remote Code Execution Vulnerability

tenable: CVE-2023-28231 is a RCE vulnerability affecting the Dynamic Host Configuration Protocol (DHCP) server service. Microsoft rates this vulnerability as “Exploitation More Likely” according to the Microsoft Exploitability Index. With a CVSSv3 score of 8.8, successful exploitation requires an attacker to be on an adjacent network prior to using a crafted RPC call to exploit the flaw.

rapid7: DHCP server vulnerability CVE-2023-28231 requires an attacker to be on the same network as the target, but offers RCE via a specially crafted RPC call. Microsoft considers that exploitation is more likely.

67. Denial of Service - Microsoft Defender (CVE-2023-24860) - Medium [389]

Description: Microsoft Defender Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.814Anti-malware component of Microsoft Windows
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

rapid7: The hunter becomes the hunted as Microsoft patches a Denial of Service vulnerability in Defender. The advisory for CVE-2023-24860 includes some unusual guidance: “Systems that have disabled Microsoft Defender are not in an exploitable state.” In practice this vulnerability is less likely to be exploited, and the default update cadence for Defender should mean that most assets are automatically patched in a short timeframe.

68. Denial of Service - Windows Network Address Translation (NAT) (CVE-2023-28217) - Medium [389]

Description: Windows Network Address Translation (NAT) Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

69. Denial of Service - Windows Secure Channel (CVE-2023-24931) - Medium [389]

Description: Windows Secure Channel Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

70. Denial of Service - Windows Secure Channel (CVE-2023-28233) - Medium [389]

Description: Windows Secure Channel Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

71. Denial of Service - Windows Secure Channel (CVE-2023-28234) - Medium [389]

Description: Windows Secure Channel Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

72. Denial of Service - Windows Secure Socket Tunneling Protocol (SSTP) (CVE-2023-28241) - Medium [389]

Description: Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00069, EPSS Percentile is 0.28115

73. Security Feature Bypass - Windows Boot Manager (CVE-2023-28249) - Medium [389]

Description: Windows Boot Manager Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.610CVSS Base Score is 6.2. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00051, EPSS Percentile is 0.17724

74. Security Feature Bypass - Windows Boot Manager (CVE-2023-28269) - Medium [389]

Description: Windows Boot Manager Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.610CVSS Base Score is 6.2. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00051, EPSS Percentile is 0.17724

75. Elevation of Privilege - RPC (CVE-2023-28268) - Medium [377]

Description: Netlogon RPC Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Remote Procedure Call Runtime
CVSS Base Score0.810CVSS Base Score is 8.1. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00138, EPSS Percentile is 0.47905

76. Security Feature Bypass - Azure Service Connector (CVE-2023-28300) - Medium [375]

Description: Azure Service Connector Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.514Azure Service Connector
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00065, EPSS Percentile is 0.26712

rapid7: The other Azure vulnerability this month is a Azure Service Connector Security Feature Bypass. Microsoft rates Attack Complexity for CVE-2023-28300 as High, since this vulnerability is only useful when chained with other exploits to defeat other security measures. However, the Azure Service Connector only updates when the Azure Command-Line Interface is updated, and automatic updates are not enabled by default.

77. Memory Corruption - Microsoft Edge (CVE-2023-1819) - Medium [371]

Description: Chromium: CVE-2023-1819 Out of bounds read in Accessibility. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.410EPSS Probability is 0.00101, EPSS Percentile is 0.40133

MS PT Extended: CVE-2023-1819 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

78. Remote Code Execution - Visual Studio Code (CVE-2023-24893) - Medium [371]

Description: Visual Studio Code Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.314Integrated development environment
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00113, EPSS Percentile is 0.4346

79. Security Feature Bypass - Microsoft Edge (CVE-2023-28286) - Medium [365]

Description: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.610CVSS Base Score is 6.1. According to Microsoft data source
EPSS Percentile010EPSS Probability is 0, EPSS Percentile is 0

MS PT Extended: CVE-2023-28286 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

80. Denial of Service - Windows Kernel (CVE-2023-28298) - Medium [358]

Description: Windows Kernel Denial of Service Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.715Denial of Service
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

81. Remote Code Execution - Microsoft Publisher (CVE-2023-28287) - Medium [357]

Description: Microsoft Publisher Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Microsoft Publisher
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile010EPSS Probability is 0, EPSS Percentile is 0

82. Remote Code Execution - Microsoft Publisher (CVE-2023-28295) - Medium [357]

Description: Microsoft Publisher Remote Code Execution Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.514Microsoft Publisher
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile010EPSS Probability is 0, EPSS Percentile is 0

83. Security Feature Bypass - Windows Group Policy (CVE-2023-28276) - Medium [353]

Description: Windows Group Policy Security Feature Bypass Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.410CVSS Base Score is 4.4. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

84. Information Disclosure - Windows Network File System (CVE-2023-28247) - Medium [347]

Description: Windows Network File System Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.5. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00114, EPSS Percentile is 0.4356

rapid7: Windows Server administrators should take note of CVE-2023-28247. Successful exploitation allows an attacker to view contents of kernel memory remotely from the context of a user process. Microsoft lists Windows Server 2012, 2016, 2019, and 2022 as vulnerable. Although Microsoft assesses that exploitation is less likely, Windows stores many secrets in kernel memory, including cryptographic keys.

85. Information Disclosure - Windows Remote Desktop Protocol (CVE-2023-28267) - Medium [347]

Description: Remote Desktop Protocol Client Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 6.5. According to Microsoft data source
EPSS Percentile0.510EPSS Probability is 0.00145, EPSS Percentile is 0.49074

86. Spoofing - Microsoft Edge (CVE-2023-1816) - Medium [347]

Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1816 Incorrect security UI in Picture In Picture. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)', 'combined_cve_data_all': ''}

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.0016, EPSS Percentile is 0.51153

MS PT Extended: CVE-2023-1816 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

87. Spoofing - Microsoft Edge (CVE-2023-1822) - Medium [347]

Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1822 Incorrect security UI in Navigation. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)', 'combined_cve_data_all': ''}

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.510EPSS Probability is 0.0016, EPSS Percentile is 0.51153

MS PT Extended: CVE-2023-1822 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

88. Elevation of Privilege - Windows Kernel (CVE-2023-28236) - Medium [346]

Description: Windows Kernel Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

89. Elevation of Privilege - Windows Kernel (CVE-2023-28248) - Medium [346]

Description: Windows Kernel Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

90. Elevation of Privilege - Windows Kernel (CVE-2023-28272) - Medium [346]

Description: Windows Kernel Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

91. Elevation of Privilege - Windows Kernel (CVE-2023-28293) - Medium [346]

Description: Windows Kernel Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

92. Elevation of Privilege - Windows NTLM (CVE-2023-28225) - Medium [346]

Description: Windows NTLM Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

93. Elevation of Privilege - Windows Remote Procedure Call Service (RPCSS) (CVE-2023-28297) - Medium [341]

Description: Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.910CVSS Base Score is 8.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00046, EPSS Percentile is 0.12854

qualys: Other Microsoft Vulnerability Highlights CVE-2023-21727 allows an attacker to perform remote code execution on the server side with the same permissions as the RPC service by sending a specially crafted RPC call to an RPC host. CVE-2023-28297 allows an attacker to gain SYSTEM privileges by running a specially crafted application. The specially crafted application may lead to remote code execution with elevated permissions. CVE-2023-28240, an attacker on the same subnet as the target system, may send a specially crafted packet to a server configured as a Network Load Balancing cluster host to exploit this vulnerability. An attacker can trigger CVE-2023-28275 by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB. An attacker can perform remote code execution on successful exploitation. CVE-2023-24884, CVE-2023-24885, CVE-2023-24886, CVE-2023-24887, CVE-2023-24924, CVE-2023-24925, CVE-2023-24926, CVE-2023-24927, CVE-2023-24928, CVE-2023-24929, CVE-2023-28243 vulnerabilities allow an authenticated attacker to send a modified XPS file to a shared printer leading to remote code execution.

94. Elevation of Privilege - Windows Kernel (CVE-2023-28222) - Medium [334]

Description: Windows Kernel Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.710CVSS Base Score is 7.1. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

95. Elevation of Privilege - Windows Win32k (CVE-2023-24914) - Medium [334]

Description: Win32k Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914Windows kernel-mode driver
CVSS Base Score0.710CVSS Base Score is 7.0. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

96. Elevation of Privilege - Windows Graphics Component (CVE-2023-24912) - Medium [329]

Description: Windows Graphics Component Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

97. Elevation of Privilege - Windows Registry (CVE-2023-28246) - Medium [329]

Description: Windows Registry Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

98. Elevation of Privilege - Visual Studio (CVE-2023-28262) - Medium [327]

Description: Visual Studio Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.314Integrated development environment
CVSS Base Score0.810CVSS Base Score is 7.8. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

99. Information Disclosure - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24883) - Medium [323]

Description: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Microsoft standard printer driver for PostScript printers
CVSS Base Score0.710CVSS Base Score is 6.5. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00068, EPSS Percentile is 0.27969

100. Information Disclosure - Windows Snipping Tool (CVE-2023-28303) - Medium [321]

Description: Windows Snipping Tool Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.310CVSS Base Score is 3.3. According to Microsoft data source
EPSS Percentile010EPSS Probability is 0, EPSS Percentile is 0

MS PT Extended: CVE-2023-28303 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

101. Spoofing - Visual Studio (CVE-2023-28299) - Medium [321]

Description: Visual Studio Spoofing Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.314Integrated development environment
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.410EPSS Probability is 0.00093, EPSS Percentile is 0.38369

102. Elevation of Privilege - Windows Advanced Local Procedure Call (ALPC) (CVE-2023-28216) - Medium [317]

Description: Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 7.0. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

103. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2023-28218) - Medium [317]

Description: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 7.0. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

104. Elevation of Privilege - Windows CNG Key Isolation Service (CVE-2023-28229) - Medium [317]

Description: Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 7.0. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

105. Elevation of Privilege - Windows Clip Service (CVE-2023-28273) - Medium [317]

Description: Windows Clip Service Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 7.0. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00043, EPSS Percentile is 0.07644

106. Elevation of Privilege - Windows Error Reporting Service (CVE-2023-28221) - Medium [317]

Description: Windows Error Reporting Service Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.710CVSS Base Score is 7.0. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

107. Information Disclosure - Windows DNS Server (CVE-2023-28277) - Medium [316]

Description: Windows DNS Server Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.914Windows component
CVSS Base Score0.510CVSS Base Score is 4.9. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00068, EPSS Percentile is 0.27969

108. Spoofing - Windows Kernel (CVE-2023-28228) - Medium [316]

Description: Windows Spoofing Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00057, EPSS Percentile is 0.21533

109. Spoofing - Microsoft Edge (CVE-2023-24935) - Medium [311]

Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.610CVSS Base Score is 6.1. According to Vulners data source
EPSS Percentile0.310EPSS Probability is 0.00063, EPSS Percentile is 0.25029

MS PT Extended: CVE-2023-24935 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

110. Information Disclosure - Remote Procedure Call Runtime (CVE-2023-21729) - Medium [304]

Description: Remote Procedure Call Runtime Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.914Remote Procedure Call Runtime
CVSS Base Score0.410CVSS Base Score is 4.3. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00063, EPSS Percentile is 0.25029

111. Information Disclosure - Windows Kernel (CVE-2023-28253) - Medium [304]

Description: Windows Kernel Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.914Windows Kernel
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

112. Spoofing - Microsoft SharePoint (CVE-2023-28288) - Medium [295]

Description: Microsoft SharePoint Server Spoofing Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.714Microsoft SharePoint
CVSS Base Score0.710CVSS Base Score is 6.5. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00054, EPSS Percentile is 0.19524

113. Elevation of Privilege - Microsoft Edge (CVE-2023-28261) - Medium [294]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.610CVSS Base Score is 6.1. According to Microsoft data source
EPSS Percentile010EPSS Probability is 0, EPSS Percentile is 0

MS PT Extended: CVE-2023-28261 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

114. Information Disclosure - Windows Common Log File System Driver (CVE-2023-28266) - Medium [288]

Description: Windows Common Log File System Driver Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

115. Information Disclosure - Windows Kernel Memory (CVE-2023-28271) - Medium [288]

Description: Windows Kernel Memory Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Windows component
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

116. Information Disclosure - Visual Studio (CVE-2023-28263) - Medium [285]

Description: Visual Studio Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists0.417The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit)
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.314Integrated development environment
CVSS Base Score0.610CVSS Base Score is 5.5. According to Microsoft data source
EPSS Percentile0.110EPSS Probability is 0.00048, EPSS Percentile is 0.1457

117. Cross Site Scripting - Microsoft Dynamics 365 (on-premises) (CVE-2023-28309) - Medium [273]

Description: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Cross Site Scripting
Vulnerable Product is Common0.514Microsoft Dynamics 365 (on-premises)
CVSS Base Score0.810CVSS Base Score is 7.6. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00049, EPSS Percentile is 0.16368

118. Tampering - Microsoft Edge (CVE-2023-28301) - Medium [270]

Description: Microsoft Edge (Chromium-based) Tampering Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.315Tampering
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.410CVSS Base Score is 4.2. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00063, EPSS Percentile is 0.25029

MS PT Extended: CVE-2023-28301 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

119. Unknown Vulnerability Type - Microsoft Edge (CVE-2023-1821) - Medium [264]

Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1821 Inappropriate implementation in WebShare. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)', 'combined_cve_data_all': ''}

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type015Unknown Vulnerability Type
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.410EPSS Probability is 0.00087, EPSS Percentile is 0.35267

MS PT Extended: CVE-2023-1821 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

120. Cross Site Scripting - Microsoft Dynamics 365 (on-premises) (CVE-2023-28314) - Medium [261]

Description: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Cross Site Scripting
Vulnerable Product is Common0.514Microsoft Dynamics 365 (on-premises)
CVSS Base Score0.610CVSS Base Score is 6.1. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00063, EPSS Percentile is 0.25029

121. Cross Site Scripting - Microsoft Dynamics 365 Customer Voice (CVE-2023-28313) - Medium [261]

Description: Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Cross Site Scripting
Vulnerable Product is Common0.514Microsoft Dynamics 365 Customer Voice
CVSS Base Score0.610CVSS Base Score is 6.1. According to Microsoft data source
EPSS Percentile0.310EPSS Probability is 0.00063, EPSS Percentile is 0.25029

122. Information Disclosure - Azure Machine Learning (CVE-2023-28312) - Medium [261]

Description: Azure Machine Learning Information Disclosure Vulnerability

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.514Azure Machine Learning
CVSS Base Score0.710CVSS Base Score is 6.5. According to Microsoft data source
EPSS Percentile0.210EPSS Probability is 0.00052, EPSS Percentile is 0.18441

rapid7: Machine learning is everywhere these days, and this month’s Patch Tuesday is no exception: CVE-2023-28312 describes a vulnerability in Azure Machine Learning which allows an attacker to access system logs, although any attack would need to be launched from within the same secure network. The advisory contains links to Microsoft detection and remediation guidance.

123. Unknown Vulnerability Type - Microsoft Edge (CVE-2023-1813) - Medium [240]

Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1813 Inappropriate implementation in Extensions. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)', 'combined_cve_data_all': ''}

ComponentValueWeightComment
Exploited in the Wild018Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017The exploit's existence is NOT mentioned on Vulners and Microsoft websites.
Criticality of Vulnerability Type015Unknown Vulnerability Type
Vulnerable Product is Common0.814Web browser
CVSS Base Score0.710CVSS Base Score is 6.5. According to Vulners data source
EPSS Percentile0.210EPSS Probability is 0.00054, EPSS Percentile is 0.20565

MS PT Extended: CVE-2023-1813 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10

Low (0)

Exploitation in the wild detected (1)

Elevation of Privilege (1)

Public exploit exists, but exploitation in the wild is NOT detected (1)

Remote Code Execution (1)

Other Vulnerabilities (121)

Remote Code Execution (44)

Security Feature Bypass (11)

Elevation of Privilege (20)

Memory Corruption (14)

Denial of Service (9)

Information Disclosure (11)

Spoofing (6)

Cross Site Scripting (3)

Tampering (1)

Unknown Vulnerability Type (2)