Report Name: Microsoft Patch Tuesday, April 2023Generated: 2023-04-11 21:56:55
| Product Name | Prevalence | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Kerberos | 1 | 1 | Kerberos | ||||
| Microsoft Message Queuing | 0.9 | 3 | Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95 | ||||
| Remote Procedure Call Runtime | 0.9 | 1 | 1 | Remote Procedure Call Runtime | |||
| Windows DNS Server | 0.9 | 8 | 1 | Windows component | |||
| Windows Kernel | 0.9 | 5 | 10 | Windows Kernel | |||
| Windows NTLM | 0.9 | 1 | A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity | ||||
| Windows Win32k | 0.9 | 1 | 1 | Windows kernel-mode driver | |||
| Microsoft Defender | 0.8 | 1 | Anti-malware component of Microsoft Windows | ||||
| Microsoft Edge | 0.8 | 5 | 21 | Web browser | |||
| Microsoft PostScript and PCL6 Class Printer Driver | 0.8 | 11 | 1 | Microsoft standard printer driver for PostScript printers | |||
| RPC | 0.8 | 1 | Remote Procedure Call Runtime | ||||
| Windows Advanced Local Procedure Call (ALPC) | 0.8 | 1 | Windows component | ||||
| Windows Ancillary Function Driver for WinSock | 0.8 | 1 | Windows component | ||||
| Windows Bluetooth Driver | 0.8 | 1 | Windows component | ||||
| Windows Boot Manager | 0.8 | 2 | Windows component | ||||
| Windows CNG Key Isolation Service | 0.8 | 1 | Windows component | ||||
| Windows Common Log File System Driver | 0.8 | 1 | 1 | Windows component | |||
| Windows Error Reporting Service | 0.8 | 1 | Windows component | ||||
| Windows Graphics Component | 0.8 | 1 | Windows component | ||||
| Windows Group Policy | 0.8 | 1 | Windows component | ||||
| Windows Internet Key Exchange (IKE) Protocol Extensions | 0.8 | 1 | Windows component | ||||
| Windows Kernel Memory | 0.8 | 1 | Windows component | ||||
| Windows Lock Screen | 0.8 | 2 | Windows component | ||||
| Windows Network Address Translation (NAT) | 0.8 | 1 | Windows component | ||||
| Windows Network File System | 0.8 | 1 | Windows component | ||||
| Windows Point-to-Point Protocol over Ethernet (PPPoE) | 0.8 | 1 | Windows component | ||||
| Windows Point-to-Point Tunneling Protocol | 0.8 | 1 | Windows component | ||||
| Windows Registry | 0.8 | 1 | Windows component | ||||
| Windows Remote Desktop Protocol | 0.8 | 1 | Windows component | ||||
| Windows Remote Procedure Call | 0.8 | 1 | Windows component | ||||
| Windows Secure Channel | 0.8 | 3 | Windows component | ||||
| Windows Secure Socket Tunneling Protocol (SSTP) | 0.8 | 1 | Windows component | ||||
| .NET | 0.7 | 1 | .NET | ||||
| Microsoft SharePoint | 0.7 | 1 | Microsoft SharePoint | ||||
| Raw Image Extension | 0.7 | 2 | Raw Image Extension | ||||
| Microsoft Office Graphics | 0.6 | 1 | Microsoft Office Graphics | ||||
| Microsoft SQL | 0.6 | 1 | Microsoft SQL | ||||
| Microsoft Word | 0.6 | 1 | MS Office product | ||||
| Microsoft Dynamics 365 | 0.5 | 1 | Microsoft Dynamics 365 is a product line of enterprise resource planning (ERP) and customer relationship management (CRM) intelligent business applications | ||||
| Microsoft Dynamics 365 (on-premises) | 0.5 | 2 | Microsoft Dynamics 365 (on-premises) | ||||
| Microsoft Publisher | 0.5 | 2 | Microsoft Publisher | ||||
| Microsoft WDAC OLE DB provider for SQL Server | 0.5 | 1 | Microsoft WDAC OLE DB provider for SQL Server | ||||
| Azure | 0.4 | 2 | Azure | ||||
| Visual Studio | 0.3 | 1 | 3 | Integrated development environment | |||
| Visual Studio Code | 0.3 | 1 | Integrated development environment | ||||
| Unknown Product | 0 | 2 | 3 | Unknown Product |
| Vulnerability Type | Criticality | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Remote Code Execution | 1.0 | 41 | 4 | Remote Code Execution | |||
| Security Feature Bypass | 0.9 | 9 | 3 | Security Feature Bypass | |||
| Denial of Service | 0.7 | 8 | 1 | Denial of Service | |||
| Memory Corruption | 0.6 | 1 | 13 | Memory Corruption | |||
| Elevation of Privilege | 0.5 | 1 | 1 | 19 | Elevation of Privilege | ||
| Cross Site Scripting | 0.4 | 3 | Cross Site Scripting | ||||
| Information Disclosure | 0.4 | 11 | Information Disclosure | ||||
| Spoofing | 0.4 | 6 | Spoofing | ||||
| Tampering | 0.3 | 1 | Tampering | ||||
| Unknown Vulnerability Type | 0 | 2 | Unknown Vulnerability Type |
1. 
Elevation of Privilege - Windows Common Log File System Driver (CVE-2023-28252) - Critical [741]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (cisa_kev object), Microsoft websites | |
| 0.6 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Functional Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)
tenable: CVE-2023-28252 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
tenable: CVE-2023-28252 is an EoP vulnerability in the Windows Common Log File System (CLFS) Driver, a logging service used by kernel-mode and user-mode applications. It was assigned a CVSSv3 score of 7.8. This vulnerability is a post-compromise flaw, meaning an attacker could exploit it after gaining access to a vulnerable target. Successful exploitation would elevate an attacker’s privileges SYSTEM. According to Microsoft, it was exploited in the wild as a zero day. Its discovery is attributed to Genwei Wang of Mandiant and Quan Jin withDBAPPSecurity WeBin Lab.
tenable: CVE-2023-28252 is the second CLFS Driver EoP vulnerability to be exploited in the wild in 2023, as CVE-2023-23376 was disclosed in the February 2023 Patch Tuesday. It is the fourth known CLFS EoP vulnerability to be exploited in the wild in the last two years, following CVE-2022-24521 from the April 2022 Patch Tuesday and CVE-2022-37969 from the September 2022 Patch Tuesday release. CVE-2022-37969 was also disclosed to Microsoft by Wang and Jin, though it is unclear if there is any connection between both flaws.
zdi: CVE-2023-28252 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. This is the one bug under active attack this month, and if it seems familiar, that’s because there was a similar 0-day patched in the same component just two months ago. To me, that implies the original fix was insufficient and attackers have found a method to bypass that fix. As in February, there is no information about how widespread these attacks may be. This type of exploit is typically paired with a code execution bug to spread malware or ransomware. Definitely test and deploy this patch quickly.
2. 
Remote Code Execution - .NET (CVE-2023-28260) - High [535]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | .NET | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
3. Remote Code Execution - Microsoft Message Queuing (CVE-2023-21554) - High [508]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95 | |
| 1.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Microsoft data |
tenable: CVE-2023-21554 | Microsoft Message Queuing Remote Code Execution Vulnerability
tenable: CVE-2023-21554 is a RCE vulnerability affecting Microsoft Message Queuing (MSMQ) with a CVSSv3 score of 9.8. An attacker could exploit this flaw by sending a specially crafted MSMQ packet to an affected MSMQ server. Microsoft’s advisory notes that exploitation of this flaw requires the Windows message queuing service to be enabled. When enabled, TCP port 1801 will be listening on the host.
zdi: CVE-2023-21554 – Microsoft Message Queuing Remote Code Execution Vulnerability. This is a CVSS 9.8 bug and receives Microsoft’s highest exploitability rating. It allows a remote, unauthenticated attacker to run their code with elevated privileges on affected servers with the Message Queuing service enabled. This service is disabled by default but is commonly used by many contact center applications. It listens to TCP port 1801 by default, so blocking this at the perimeter would prevent external attacks. However, it’s not clear what impact this may have on operations. Your best option is to test and deploy the update.
4. Remote Code Execution - Windows Kernel (CVE-2023-28250) - High [508]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows Kernel | |
| 1.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Microsoft data |
tenable: CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
tenable: CVE-2023-28250 is a RCE vulnerability affecting Windows Pragmatic General Multicast (PGM). Successful exploitation requires the MSMQ service to be enabled. An attacker could exploit this flaw by sending a crafted file over the network in order to execute arbitrary code. This vulnerability has a CVSSv3 score of 9.8 and impacts supported versions of Windows including Server Core installations.
5. Remote Code Execution - Remote Procedure Call Runtime (CVE-2023-21727) - High [494]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Remote Procedure Call Runtime | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
6. Remote Code Execution - Windows Kernel (CVE-2023-28240) - High [494]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows Kernel | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
7. Remote Code Execution - Windows Kernel (CVE-2023-28237) - High [481]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
8. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24884) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
9. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24885) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
10. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24886) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
11. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24887) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
12. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24924) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
13. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24925) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
14. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24926) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
15. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24927) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
16. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24928) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
17. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24929) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
18. Remote Code Execution - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-28243) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
19. Elevation of Privilege - Windows Win32k (CVE-2023-28274) - High [471]
Description: Windows
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows kernel-mode driver | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
20. Remote Code Execution - Windows DNS Server (CVE-2023-28254) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.2. Based on Microsoft data |
21. Remote Code Execution - Windows DNS Server (CVE-2023-28255) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
22. Remote Code Execution - Windows DNS Server (CVE-2023-28256) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
23. Remote Code Execution - Windows DNS Server (CVE-2023-28278) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
24. Remote Code Execution - Windows DNS Server (CVE-2023-28305) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
25. Remote Code Execution - Windows DNS Server (CVE-2023-28306) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
26. Remote Code Execution - Windows DNS Server (CVE-2023-28307) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
27. Remote Code Execution - Windows DNS Server (CVE-2023-28308) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
28. Remote Code Execution - Windows Kernel (CVE-2023-28223) - High [467]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
29. Remote Code Execution - Windows Bluetooth Driver (CVE-2023-28227) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
30. Remote Code Execution - Windows Internet Key Exchange (IKE) Protocol Extensions (CVE-2023-28238) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
31. Remote Code Execution - Windows Point-to-Point Tunneling Protocol (CVE-2023-28232) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
32. Remote Code Execution - Visual Studio (CVE-2023-28296) - High [459]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 1.0 | 15 | Remote Code Execution | |
| 0.3 | 14 | Integrated development environment | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.4. Based on Microsoft data |
33. Remote Code Execution - Windows Point-to-Point Protocol over Ethernet (PPPoE) (CVE-2023-28224) - High [448]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
34. Remote Code Execution - Raw Image Extension (CVE-2023-28291) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Raw Image Extension | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.4. Based on Microsoft data |
35. Remote Code Execution - Raw Image Extension (CVE-2023-28292) - High [443]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Raw Image Extension | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
36. 
Security Feature Bypass - Microsoft Edge (CVE-2023-1814) - High [428]
Description: Chromium: CVE-2023-1814
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1814 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
37. Security Feature Bypass - Microsoft Edge (CVE-2023-1817) - High [428]
Description: Chromium: CVE-2023-1817
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1817 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
38. Security Feature Bypass - Microsoft Edge (CVE-2023-1823) - High [428]
Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1823 Inappropriate implementation in FedCM. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1823 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
39. Security Feature Bypass - Windows Lock Screen (CVE-2023-28235) - High [428]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.8. Based on Microsoft data |
40. Security Feature Bypass - Windows Lock Screen (CVE-2023-28270) - High [428]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.8. Based on Microsoft data |
41. Remote Code Execution - Microsoft Office Graphics (CVE-2023-28285) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Office Graphics | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
42. Remote Code Execution - Microsoft Word (CVE-2023-28311) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | MS Office product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
43. 
Denial of Service - Microsoft Message Queuing (CVE-2023-21769) - High [420]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.9 | 14 | Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95 | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
tenable: In addition to this RCE flaw, two denial of service CVEs (CVE-2023-21769 and CVE-2023-28302) rated as “important” were also patched in MSMQ this month.
44. Denial of Service - Microsoft Message Queuing (CVE-2023-28302) - High [420]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.9 | 14 | Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95 | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
tenable: In addition to this RCE flaw, two denial of service CVEs (CVE-2023-21769 and CVE-2023-28302) rated as “important” were also patched in MSMQ this month.
45. Security Feature Bypass - Windows Kernel (CVE-2023-28226) - High [420]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.9 | 14 | Windows Kernel | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.3. Based on Microsoft data |
46. Remote Code Execution - Microsoft WDAC OLE DB provider for SQL Server (CVE-2023-28275) - High [418]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Microsoft WDAC OLE DB provider for SQL Server | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
47. Security Feature Bypass - Microsoft Edge (CVE-2023-28286) - High [414]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Web browser | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
MS PT Extended: CVE-2023-28286 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
48. Security Feature Bypass - Windows Boot Manager (CVE-2023-28249) - High [414]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.2. Based on Microsoft data |
49. Security Feature Bypass - Windows Boot Manager (CVE-2023-28269) - High [414]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.2. Based on Microsoft data |
50. Remote Code Execution - Microsoft SQL (CVE-2023-23384) - High [410]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft SQL | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.3. Based on Microsoft data |
zdi: CVE-2023-23384 – Microsoft SQL Server Remote Code Execution Vulnerability. This is a silent patch released by Microsoft in February and is just now being documented. The problem of silent patching has already been well documented, so I won’t rehash it here. The patch fixes an OOB Write bug in the SQLcmd tool that could allow a remote, unauthenticated attacker to exploit code with elevated privileges. While not listed in the CVSS, the attack complexity seems high since the attacker can only control a few bytes at a time. A server crash is much more likely. If you’re running SQL server, read the Cumulative Update table to ensure you have both the February and April updates installed.
51. 
Memory Corruption - Microsoft Edge (CVE-2023-1529) - High [408]
Description: Chromium: CVE-2023-1529
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 1.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data |
MS PT Extended: CVE-2023-1529 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
52. Remote Code Execution - Microsoft Publisher (CVE-2023-28287) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Microsoft Publisher | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
53. Remote Code Execution - Microsoft Publisher (CVE-2023-28295) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Microsoft Publisher | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
54. Remote Code Execution - Unknown Product (CVE-2023-23375) - High [402]
Description: {'ms_cve_data_all': 'Microsoft ODBC and OLE DB Remote Code Execution Vulnerability', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 1.0 | 15 | Remote Code Execution | |
| 0 | 14 | Unknown Product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
55. Remote Code Execution - Unknown Product (CVE-2023-28304) - High [402]
Description: {'ms_cve_data_all': 'Microsoft ODBC and OLE DB Remote Code Execution Vulnerability', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 1.0 | 15 | Remote Code Execution | |
| 0 | 14 | Unknown Product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
56. Denial of Service - Microsoft Defender (CVE-2023-24860) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Anti-malware component of Microsoft Windows | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
57. Denial of Service - Windows Network Address Translation (NAT) (CVE-2023-28217) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
58. Denial of Service - Windows Secure Channel (CVE-2023-24931) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
59. Denial of Service - Windows Secure Channel (CVE-2023-28233) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
60. Denial of Service - Windows Secure Channel (CVE-2023-28234) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
61. Denial of Service - Windows Secure Socket Tunneling Protocol (SSTP) (CVE-2023-28241) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
62. Elevation of Privilege - Kerberos (CVE-2023-28244) - Medium [398]
Description: Windows
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 1 | 14 | Kerberos | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
63. Memory Corruption - Microsoft Edge (CVE-2023-1528) - Medium [394]
Description: Chromium: CVE-2023-1528
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2023-1528 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
64. Memory Corruption - Microsoft Edge (CVE-2023-1530) - Medium [394]
Description: Chromium: CVE-2023-1530
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2023-1530 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
65. Memory Corruption - Microsoft Edge (CVE-2023-1531) - Medium [394]
Description: Chromium: CVE-2023-1531
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2023-1531 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
66. Memory Corruption - Microsoft Edge (CVE-2023-1532) - Medium [394]
Description: Chromium: CVE-2023-1532
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2023-1532 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
67. Memory Corruption - Microsoft Edge (CVE-2023-1533) - Medium [394]
Description: Chromium: CVE-2023-1533
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1533 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
68. Memory Corruption - Microsoft Edge (CVE-2023-1534) - Medium [394]
Description: Chromium: CVE-2023-1534
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1534 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
69. Memory Corruption - Microsoft Edge (CVE-2023-1810) - Medium [394]
Description: Chromium: CVE-2023-1810 Heap
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1810 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
70. Memory Corruption - Microsoft Edge (CVE-2023-1811) - Medium [394]
Description: Chromium: CVE-2023-1811
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1811 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
71. Memory Corruption - Microsoft Edge (CVE-2023-1812) - Medium [394]
Description: Chromium: CVE-2023-1812
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1812 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
72. Memory Corruption - Microsoft Edge (CVE-2023-1815) - Medium [394]
Description: Chromium: CVE-2023-1815
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1815 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
73. Memory Corruption - Microsoft Edge (CVE-2023-1818) - Medium [394]
Description: Chromium: CVE-2023-1818
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1818 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
74. Memory Corruption - Microsoft Edge (CVE-2023-1820) - Medium [394]
Description: Chromium: CVE-2023-1820 Heap
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Vulners data |
MS PT Extended: CVE-2023-1820 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
75. Denial of Service - Windows Kernel (CVE-2023-28298) - Medium [393]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.9 | 14 | Windows Kernel | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
76. Security Feature Bypass - Microsoft Edge (CVE-2023-28284) - Medium [387]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Web browser | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.3. Based on Microsoft data |
MS PT Extended: CVE-2023-28284 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
77. Security Feature Bypass - Windows Group Policy (CVE-2023-28276) - Medium [387]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.4. Based on Microsoft data |
78. 
Information Disclosure - Windows Kernel (CVE-2023-28303) - Medium [383]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.4 | 15 | Information Disclosure | |
| 0.9 | 14 | Windows Kernel | |
| 0.3 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 3.3. Based on Microsoft data |
MS PT Extended: CVE-2023-28303 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
79. Elevation of Privilege - Windows Kernel (CVE-2023-28236) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
80. Elevation of Privilege - Windows Kernel (CVE-2023-28248) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
81. Elevation of Privilege - Windows Kernel (CVE-2023-28272) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
82. Elevation of Privilege - Windows Kernel (CVE-2023-28293) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
83. Elevation of Privilege - Windows NTLM (CVE-2023-28225) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
84. Elevation of Privilege - Windows Remote Procedure Call (CVE-2023-28297) - Medium [374]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
85. Memory Corruption - Microsoft Edge (CVE-2023-1819) - Medium [367]
Description: Chromium: CVE-2023-1819
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1819 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
86. Remote Code Execution - Visual Studio Code (CVE-2023-24893) - Medium [367]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.3 | 14 | Integrated development environment | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
87. Elevation of Privilege - Windows Kernel (CVE-2023-28222) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
88. Elevation of Privilege - Windows Kernel (CVE-2023-28273) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
89. Elevation of Privilege - Windows Win32k (CVE-2023-24914) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows kernel-mode driver | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
90. Security Feature Bypass - Azure (CVE-2023-28300) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.4 | 14 | Azure | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
91. Elevation of Privilege - RPC (CVE-2023-28268) - Medium [360]
Description: Netlogon
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Remote Procedure Call Runtime | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
92. Elevation of Privilege - Windows Graphics Component (CVE-2023-24912) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
93. Elevation of Privilege - Windows Registry (CVE-2023-28246) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
94. Elevation of Privilege - Visual Studio (CVE-2023-28262) - Medium [358]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.3 | 14 | Integrated development environment | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
95. Elevation of Privilege - Windows Advanced Local Procedure Call (ALPC) (CVE-2023-28216) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
96. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2023-28218) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
97. Elevation of Privilege - Windows CNG Key Isolation Service (CVE-2023-28229) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
98. Elevation of Privilege - Windows Error Reporting Service (CVE-2023-28221) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
99. Information Disclosure - Windows Network File System (CVE-2023-28247) - Medium [340]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
100. Elevation of Privilege - Microsoft Edge (CVE-2023-28261) - Medium [333]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Web browser | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
MS PT Extended: CVE-2023-28261 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
101. Information Disclosure - Windows Kernel (CVE-2023-28253) - Medium [332]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.9 | 14 | Windows Kernel | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
102. 
Spoofing - Windows Kernel (CVE-2023-28228) - Medium [332]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.9 | 14 | Windows Kernel | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
103. Information Disclosure - Microsoft PostScript and PCL6 Class Printer Driver (CVE-2023-24883) - Medium [327]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Microsoft standard printer driver for PostScript printers | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
104. Information Disclosure - Windows Remote Desktop Protocol (CVE-2023-28267) - Medium [327]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
105. Spoofing - Microsoft Edge (CVE-2023-1816) - Medium [327]
Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1816 Incorrect security UI in Picture In Picture. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1816 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
106. Spoofing - Microsoft Edge (CVE-2023-1822) - Medium [327]
Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1822 Incorrect security UI in Navigation. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1822 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
107. Remote Code Execution - Unknown Product (CVE-2023-28231) - Medium [324]
Description: {'ms_cve_data_all': 'DHCP Server Service Remote Code Execution Vulnerability', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0 | 14 | Unknown Product | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
tenable: CVE-2023-28231 | DHCP Server Service Remote Code Execution Vulnerability
tenable: CVE-2023-28231 is a RCE vulnerability affecting the Dynamic Host Configuration Protocol (DHCP) server service. Microsoft rates this vulnerability as “Exploitation More Likely” according to the Microsoft Exploitability Index. With a CVSSv3 score of 8.8, successful exploitation requires an attacker to be on an adjacent network prior to using a crafted RPC call to exploit the flaw.
108. Information Disclosure - Windows DNS Server (CVE-2023-28277) - Medium [318]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.9 | 14 | Windows component | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.9. Based on Microsoft data |
109. Information Disclosure - Windows Common Log File System Driver (CVE-2023-28266) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
110. Information Disclosure - Windows Kernel Memory (CVE-2023-28271) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
111. Information Disclosure - Visual Studio (CVE-2023-28263) - Medium [310]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.4 | 15 | Information Disclosure | |
| 0.3 | 14 | Integrated development environment | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
112. Remote Code Execution - Unknown Product (CVE-2023-28219) - Medium [310]
Description: {'ms_cve_data_all': 'Layer 2 Tunneling Protocol Remote Code Execution Vulnerability', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0 | 14 | Unknown Product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
113. Remote Code Execution - Unknown Product (CVE-2023-28220) - Medium [310]
Description: {'ms_cve_data_all': 'Layer 2 Tunneling Protocol Remote Code Execution Vulnerability', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0 | 14 | Unknown Product | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
114. Spoofing - Visual Studio (CVE-2023-28299) - Medium [310]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.4 | 15 | Spoofing | |
| 0.3 | 14 | Integrated development environment | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
115. Spoofing - Microsoft SharePoint (CVE-2023-28288) - Medium [308]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
116. Information Disclosure - Remote Procedure Call Runtime (CVE-2023-21729) - Medium [305]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.9 | 14 | Remote Procedure Call Runtime | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.3. Based on Microsoft data |
117. 
Cross Site Scripting - Microsoft Dynamics 365 (on-premises) (CVE-2023-28309) - Medium [283]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Cross Site Scripting | |
| 0.5 | 14 | Microsoft Dynamics 365 (on-premises) | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.6. Based on Microsoft data |
118. 
Tampering - Microsoft Edge (CVE-2023-28301) - Medium [266]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.3 | 15 | Tampering | |
| 0.8 | 14 | Web browser | |
| 0.4 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.2. Based on Microsoft data |
MS PT Extended: CVE-2023-28301 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
119. Cross Site Scripting - Microsoft Dynamics 365 (on-premises) (CVE-2023-28314) - Medium [256]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Cross Site Scripting | |
| 0.5 | 14 | Microsoft Dynamics 365 (on-premises) | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
120. Cross Site Scripting - Microsoft Dynamics 365 (CVE-2023-28313) - Medium [256]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Cross Site Scripting | |
| 0.5 | 14 | Microsoft Dynamics 365 is a product line of enterprise resource planning (ERP) and customer relationship management (CRM) intelligent business applications | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.1. Based on Microsoft data |
121. Information Disclosure - Azure (CVE-2023-28312) - Medium [251]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.4 | 14 | Azure | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Microsoft data |
122. 
Unknown Vulnerability Type - Microsoft Edge (CVE-2023-1813) - Medium [245]
Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1813 Inappropriate implementation in Extensions. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1813 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
123. Unknown Vulnerability Type - Microsoft Edge (CVE-2023-1821) - Medium [245]
Description: {'ms_cve_data_all': 'Chromium: CVE-2023-1821 Inappropriate implementation in WebShare. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)', 'combined_cve_data_all': ''}
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0 | 15 | Unknown Vulnerability Type | |
| 0.8 | 14 | Web browser | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.5. Based on Vulners data |
MS PT Extended: CVE-2023-1821 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
124. Spoofing - Microsoft Edge (CVE-2023-24935) - Medium [232]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Web browser | |
| 0.0 | 10 | Vulnerability Severity Rating based on CVSS Base Score is NA. No data. |
MS PT Extended: CVE-2023-24935 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Elevation of Privilege (1)tenable: Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)
tenable: CVE-2023-28252 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
tenable: CVE-2023-28252 is an EoP vulnerability in the Windows Common Log File System (CLFS) Driver, a logging service used by kernel-mode and user-mode applications. It was assigned a CVSSv3 score of 7.8. This vulnerability is a post-compromise flaw, meaning an attacker could exploit it after gaining access to a vulnerable target. Successful exploitation would elevate an attacker’s privileges SYSTEM. According to Microsoft, it was exploited in the wild as a zero day. Its discovery is attributed to Genwei Wang of Mandiant and Quan Jin withDBAPPSecurity WeBin Lab.
tenable: CVE-2023-28252 is the second CLFS Driver EoP vulnerability to be exploited in the wild in 2023, as CVE-2023-23376 was disclosed in the February 2023 Patch Tuesday. It is the fourth known CLFS EoP vulnerability to be exploited in the wild in the last two years, following CVE-2022-24521 from the April 2022 Patch Tuesday and CVE-2022-37969 from the September 2022 Patch Tuesday release. CVE-2022-37969 was also disclosed to Microsoft by Wang and Jin, though it is unclear if there is any connection between both flaws.
zdi: CVE-2023-28252 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. This is the one bug under active attack this month, and if it seems familiar, that’s because there was a similar 0-day patched in the same component just two months ago. To me, that implies the original fix was insufficient and attackers have found a method to bypass that fix. As in February, there is no information about how widespread these attacks may be. This type of exploit is typically paired with a code execution bug to spread malware or ransomware. Definitely test and deploy this patch quickly.
Remote Code Execution (45)tenable: CVE-2023-21554 | Microsoft Message Queuing Remote Code Execution Vulnerability
tenable: CVE-2023-21554 is a RCE vulnerability affecting Microsoft Message Queuing (MSMQ) with a CVSSv3 score of 9.8. An attacker could exploit this flaw by sending a specially crafted MSMQ packet to an affected MSMQ server. Microsoft’s advisory notes that exploitation of this flaw requires the Windows message queuing service to be enabled. When enabled, TCP port 1801 will be listening on the host.
zdi: CVE-2023-21554 – Microsoft Message Queuing Remote Code Execution Vulnerability. This is a CVSS 9.8 bug and receives Microsoft’s highest exploitability rating. It allows a remote, unauthenticated attacker to run their code with elevated privileges on affected servers with the Message Queuing service enabled. This service is disabled by default but is commonly used by many contact center applications. It listens to TCP port 1801 by default, so blocking this at the perimeter would prevent external attacks. However, it’s not clear what impact this may have on operations. Your best option is to test and deploy the update.
tenable: CVE-2023-28250 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
tenable: CVE-2023-28250 is a RCE vulnerability affecting Windows Pragmatic General Multicast (PGM). Successful exploitation requires the MSMQ service to be enabled. An attacker could exploit this flaw by sending a crafted file over the network in order to execute arbitrary code. This vulnerability has a CVSSv3 score of 9.8 and impacts supported versions of Windows including Server Core installations.
zdi: CVE-2023-23384 – Microsoft SQL Server Remote Code Execution Vulnerability. This is a silent patch released by Microsoft in February and is just now being documented. The problem of silent patching has already been well documented, so I won’t rehash it here. The patch fixes an OOB Write bug in the SQLcmd tool that could allow a remote, unauthenticated attacker to exploit code with elevated privileges. While not listed in the CVSS, the attack complexity seems high since the attacker can only control a few bytes at a time. A server crash is much more likely. If you’re running SQL server, read the Cumulative Update table to ensure you have both the February and April updates installed.
tenable: CVE-2023-28231 | DHCP Server Service Remote Code Execution Vulnerability
tenable: CVE-2023-28231 is a RCE vulnerability affecting the Dynamic Host Configuration Protocol (DHCP) server service. Microsoft rates this vulnerability as “Exploitation More Likely” according to the Microsoft Exploitability Index. With a CVSSv3 score of 8.8, successful exploitation requires an attacker to be on an adjacent network prior to using a crafted RPC call to exploit the flaw.
Elevation of Privilege (20)MS PT Extended: CVE-2023-28261 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Security Feature Bypass (12)MS PT Extended: CVE-2023-28284 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1823 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1814 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-28286 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1817 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Denial of Service (9)tenable: In addition to this RCE flaw, two denial of service CVEs (CVE-2023-21769 and CVE-2023-28302) rated as “important” were also patched in MSMQ this month.
Memory Corruption (14)MS PT Extended: CVE-2023-1531 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1810 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1820 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1529 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1534 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1528 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1812 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1815 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1818 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1530 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1532 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1819 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1811 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1533 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Information Disclosure (11)MS PT Extended: CVE-2023-28303 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Spoofing (6)MS PT Extended: CVE-2023-1822 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1816 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-24935 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Cross Site Scripting (3)Tampering (1)MS PT Extended: CVE-2023-28301 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
Unknown Vulnerability Type (2)MS PT Extended: CVE-2023-1821 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10
MS PT Extended: CVE-2023-1813 was published before April 2023 Patch Tuesday from 2023-03-15 to 2023-04-10