Report Name: Microsoft Patch Tuesday, January 2023Generated: 2023-01-12 12:34:58
| Product Name | Prevalence | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Windows SMB | 1 | 1 | Windows component | ||||
| Microsoft Message Queuing | 0.9 | 1 | Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95 | ||||
| Remote Procedure Call Runtime | 0.9 | 1 | Remote Procedure Call Runtime | ||||
| Windows Kernel | 0.9 | 11 | Windows Kernel | ||||
| Windows NTLM | 0.9 | 1 | A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity | ||||
| Windows Win32k | 0.9 | 1 | Windows kernel-mode driver | ||||
| BitLocker | 0.8 | 1 | A full volume encryption feature included with Microsoft Windows versions starting with Windows Vista | ||||
| Event Tracing for Windows | 0.8 | 2 | Windows component | ||||
| Microsoft Cryptographic Services | 0.8 | 3 | he Cryptographic Services is a Microsoft Windows feature that encrypts and decrypts data on storage devices when they are accessed | ||||
| Microsoft DWM Core Library | 0.8 | 1 | Windows component | ||||
| Microsoft Edge | 0.8 | 5 | Web browser | ||||
| Microsoft Exchange | 0.8 | 5 | Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft | ||||
| Windows Advanced Local Procedure Call (ALPC) | 0.8 | 1 | Windows component | ||||
| Windows Ancillary Function Driver for WinSock | 0.8 | 1 | Windows component | ||||
| Windows Authentication | 0.8 | 1 | Windows component | ||||
| Windows Backup Service | 0.8 | 1 | Windows component | ||||
| Windows Bind Filter Driver | 0.8 | 1 | Windows component | ||||
| Windows Bluetooth Driver | 0.8 | 1 | Windows component | ||||
| Windows Boot Manager | 0.8 | 1 | Windows component | ||||
| Windows Credential Manager User Interface | 0.8 | 1 | Windows component | ||||
| Windows Cryptographic | 0.8 | 3 | Windows component | ||||
| Windows Error Reporting Service | 0.8 | 1 | Windows component | ||||
| Windows GDI | 0.8 | 1 | 1 | Windows component | |||
| Windows Installer | 0.8 | 1 | Windows component | ||||
| Windows Internet Key Exchange (IKE) Extension | 0.8 | 3 | Windows component | ||||
| Windows Layer 2 Tunneling Protocol (L2TP) | 0.8 | 6 | Windows component | ||||
| Windows Lightweight Directory Access Protocol (LDAP) | 0.8 | 2 | Windows component | ||||
| Windows Local Security Authority (LSA) | 0.8 | 1 | Windows component | ||||
| Windows Local Session Manager (LSM) | 0.8 | 1 | Windows component | ||||
| Windows Malicious Software Removal Tool | 0.8 | 1 | Windows component | ||||
| Windows Netlogon | 0.8 | 1 | Windows component | ||||
| Windows Overlay Filter | 0.8 | 2 | Windows component | ||||
| Windows Point-to-Point Protocol (PPP) | 0.8 | 1 | Windows component | ||||
| Windows Print Spooler | 0.8 | 3 | Windows component | ||||
| Windows Secure Socket Tunneling Protocol (SSTP) | 0.8 | 2 | Windows component | ||||
| Windows Smart Card Resource Management Server | 0.8 | 1 | Windows component | ||||
| Windows Task Scheduler | 0.8 | 1 | Windows component | ||||
| Windows iSCSI Service | 0.8 | 1 | Windows component | ||||
| .NET | 0.7 | 1 | .NET | ||||
| Microsoft SharePoint | 0.7 | 2 | 1 | Microsoft SharePoint | |||
| Microsoft Office | 0.6 | 2 | Microsoft Office | ||||
| Microsoft Office Visio | 0.6 | 3 | 1 | Microsoft Visio | |||
| 3D Builder | 0.5 | 14 | 3D Builder | ||||
| Azure Service Fabric Container | 0.5 | 1 | Azure Service Fabric Container | ||||
| Internet Key Exchange (IKE) Protocol | 0.5 | 1 | Internet Key Exchange (IKE) Protocol | ||||
| Microsoft ODBC Driver | 0.5 | 1 | Microsoft ODBC Driver | ||||
| Microsoft WDAC OLE DB provider for SQL Server | 0.5 | 1 | Microsoft WDAC OLE DB provider for SQL Server | ||||
| Visual Studio Code | 0.3 | 1 | Integrated development environment |
| Vulnerability Type | Criticality | U | C | H | M | L | Comment |
|---|---|---|---|---|---|---|---|
| Remote Code Execution | 1.0 | 32 | 1 | Remote Code Execution | |||
| Security Feature Bypass | 0.9 | 2 | 2 | Security Feature Bypass | |||
| Denial of Service | 0.7 | 7 | 3 | Denial of Service | |||
| Memory Corruption | 0.6 | 5 | Memory Corruption | ||||
| Elevation of Privilege | 0.5 | 1 | 3 | 35 | Elevation of Privilege | ||
| Information Disclosure | 0.4 | 10 | Information Disclosure | ||||
| Spoofing | 0.4 | 2 | Spoofing |
1. 
Elevation of Privilege - Windows Advanced Local Procedure Call (ALPC) (CVE-2023-21674) - Critical [755]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (cisa_kev object), AttackerKB, Microsoft websites | |
| 0.6 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Functional Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability The vulnerability identified as CVE-2023-21674 is a Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Attackers are actively exploiting this vulnerability to gain kernel-level execution and SYSTEM privileges. It allows a local attacker to escalate privileges from sandboxed execution inside Chromium. Vulnerabilities of this nature are frequently leveraged in tandem with malware or ransomware delivery. This vulnerability was reported to Microsoft by researchers from Avast, indicating a potential risk of such malicious activity.
tenable: CVE-2023-21674 is an EoP vulnerability in Windows operating systems that received a CVSSv3 score of 8.8 and has been exploited in the wild as a zero day. The vulnerability exists in the Advanced Local Procedure Call (ALPC) functionality. ALPC is a message passing utility in Windows operating systems. When exploited, an attacker can leverage the vulnerability to break out of the sandbox in Chromium and gain kernel-level execution privileges.
rapid7: CVE-2023-21674 allows Local Privilege Escalation (LPE) to SYSTEM via a vulnerability in Windows Advanced Local Procedure Call (ALPC), which Microsoft has already seen exploited in the wild. Given its low attack complexity, the existence of functional proof-of-concept code, and the potential for sandbox escape, this may be a vulnerability to keep a close eye on. An ALPC zero-day back in 2018 swiftly found its way into a malware campaign.
zdi: CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This is the one bug listed as under active attack for this month. It allows a local attacker to escalate privileges from sandboxed execution inside Chromium to kernel-level execution and full SYSTEM privileges. Bugs of this type are often paired with some form of code exaction to deliver malware or ransomware. Considering this was reported to Microsoft by researchers from Avast, that scenario seems likely here.
2. Elevation of Privilege - Windows Backup Service (CVE-2023-21752) - High [577]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 1.0 | 17 | The existence of a publicly available exploit is mentioned on Vulners website (Exploit for CVE-2023-21752) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
3. 
Remote Code Execution - Windows Lightweight Directory Access Protocol (LDAP) (CVE-2023-21676) - High [475]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
4. Remote Code Execution - Windows Authentication (CVE-2023-21539) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
5. Remote Code Execution - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2023-21543) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21679, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability These vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP) have been identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an unauthenticated attacker who sends a specially crafted connection request to a RAS (Remote Access Server) server. This could lead to remote code execution (RCE) on the RAS server machine. It is important to mention that successfully exploiting these vulnerabilities requires an attacker to take additional actions to prepare the target environment and win a race condition. While these vulnerabilities have been discovered and reported, there has been no indication that these vulnerabilities have been actively exploited.
tenable: CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556 and CVE-2023-21679 are RCE vulnerabilities in Windows operating systems, all given a CVSSv3 score of 8.1. The vulnerabilities can be exploited by a remote, unauthenticated attacker targeting a machine acting as a Remote Access Server. However, the vulnerabilities have a high attack complexity, meaning the attacker will have to perform actions on the target prior to exploitation for it to be successful. Discovery is credited to RyeLv for CVE-2023-21543, and Yuki Chen with Cyber KunLun for the others.
6. Remote Code Execution - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2023-21546) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21679, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability These vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP) have been identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an unauthenticated attacker who sends a specially crafted connection request to a RAS (Remote Access Server) server. This could lead to remote code execution (RCE) on the RAS server machine. It is important to mention that successfully exploiting these vulnerabilities requires an attacker to take additional actions to prepare the target environment and win a race condition. While these vulnerabilities have been discovered and reported, there has been no indication that these vulnerabilities have been actively exploited.
tenable: CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556 and CVE-2023-21679 are RCE vulnerabilities in Windows operating systems, all given a CVSSv3 score of 8.1. The vulnerabilities can be exploited by a remote, unauthenticated attacker targeting a machine acting as a Remote Access Server. However, the vulnerabilities have a high attack complexity, meaning the attacker will have to perform actions on the target prior to exploitation for it to be successful. Discovery is credited to RyeLv for CVE-2023-21543, and Yuki Chen with Cyber KunLun for the others.
7. Remote Code Execution - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2023-21555) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21679, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability These vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP) have been identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an unauthenticated attacker who sends a specially crafted connection request to a RAS (Remote Access Server) server. This could lead to remote code execution (RCE) on the RAS server machine. It is important to mention that successfully exploiting these vulnerabilities requires an attacker to take additional actions to prepare the target environment and win a race condition. While these vulnerabilities have been discovered and reported, there has been no indication that these vulnerabilities have been actively exploited.
tenable: CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556 and CVE-2023-21679 are RCE vulnerabilities in Windows operating systems, all given a CVSSv3 score of 8.1. The vulnerabilities can be exploited by a remote, unauthenticated attacker targeting a machine acting as a Remote Access Server. However, the vulnerabilities have a high attack complexity, meaning the attacker will have to perform actions on the target prior to exploitation for it to be successful. Discovery is credited to RyeLv for CVE-2023-21543, and Yuki Chen with Cyber KunLun for the others.
8. Remote Code Execution - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2023-21556) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21679, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability These vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP) have been identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an unauthenticated attacker who sends a specially crafted connection request to a RAS (Remote Access Server) server. This could lead to remote code execution (RCE) on the RAS server machine. It is important to mention that successfully exploiting these vulnerabilities requires an attacker to take additional actions to prepare the target environment and win a race condition. While these vulnerabilities have been discovered and reported, there has been no indication that these vulnerabilities have been actively exploited.
tenable: CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556 and CVE-2023-21679 are RCE vulnerabilities in Windows operating systems, all given a CVSSv3 score of 8.1. The vulnerabilities can be exploited by a remote, unauthenticated attacker targeting a machine acting as a Remote Access Server. However, the vulnerabilities have a high attack complexity, meaning the attacker will have to perform actions on the target prior to exploitation for it to be successful. Discovery is credited to RyeLv for CVE-2023-21543, and Yuki Chen with Cyber KunLun for the others.
9. Remote Code Execution - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2023-21679) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21679, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability These vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP) have been identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an unauthenticated attacker who sends a specially crafted connection request to a RAS (Remote Access Server) server. This could lead to remote code execution (RCE) on the RAS server machine. It is important to mention that successfully exploiting these vulnerabilities requires an attacker to take additional actions to prepare the target environment and win a race condition. While these vulnerabilities have been discovered and reported, there has been no indication that these vulnerabilities have been actively exploited.
tenable: CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556 and CVE-2023-21679 are RCE vulnerabilities in Windows operating systems, all given a CVSSv3 score of 8.1. The vulnerabilities can be exploited by a remote, unauthenticated attacker targeting a machine acting as a Remote Access Server. However, the vulnerabilities have a high attack complexity, meaning the attacker will have to perform actions on the target prior to exploitation for it to be successful. Discovery is credited to RyeLv for CVE-2023-21543, and Yuki Chen with Cyber KunLun for the others.
10. Remote Code Execution - Windows Secure Socket Tunneling Protocol (SSTP) (CVE-2023-21535) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21535, CVE-2023-21548 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability These vulnerabilities in Windows Secure Socket Tunneling Protocol (SSTP) are identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an attacker who sends a specially crafted malicious SSTP packet to an SSTP server. This could result in remote code execution on the server side. It is essential to note that successfully exploiting these vulnerabilities requires the attacker to win a race condition. While Microsoft has listed the exploit complexity as high due to this requirement, it is vital to rely on something other than that mitigation. It is advised to apply patches. Additionally, monitoring for suspicious activity on the affected systems and implementing network segmentation can also help to limit the potential impact of an exploitation attempt.
11. Remote Code Execution - Windows Secure Socket Tunneling Protocol (SSTP) (CVE-2023-21548) - High [462]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.1. Based on Microsoft data |
qualys: CVE-2023-21535, CVE-2023-21548 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability These vulnerabilities in Windows Secure Socket Tunneling Protocol (SSTP) are identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an attacker who sends a specially crafted malicious SSTP packet to an SSTP server. This could result in remote code execution on the server side. It is essential to note that successfully exploiting these vulnerabilities requires the attacker to win a race condition. While Microsoft has listed the exploit complexity as high due to this requirement, it is vital to rely on something other than that mitigation. It is advised to apply patches. Additionally, monitoring for suspicious activity on the affected systems and implementing network segmentation can also help to limit the potential impact of an exploitation attempt.
12. Remote Code Execution - Microsoft SharePoint (CVE-2023-21742) - High [456]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
13. Remote Code Execution - Microsoft SharePoint (CVE-2023-21744) - High [456]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
14. Elevation of Privilege - Windows GDI (CVE-2023-21552) - High [452]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0.4 | 17 | The exploit's existence is mentioned in Microsoft CVSS Temporal Score (Proof-of-Concept Exploit) | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
15. 
Security Feature Bypass - BitLocker (CVE-2023-21563) - High [428]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | A full volume encryption feature included with Microsoft Windows versions starting with Windows Vista | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.8. Based on Microsoft data |
16. Security Feature Bypass - Windows Boot Manager (CVE-2023-21560) - High [428]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.6. Based on Microsoft data |
17. Remote Code Execution - Microsoft Office (CVE-2023-21734) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Office | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
rapid7: Today’s haul includes two Office Remote Code Execution vulnerabilities. Both CVE-2023-21734 and CVE-2023-21735 sound broadly familiar: a user needs to be tricked into running malicious files. Unfortunately, the security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available, so admins with affected assets will need to check back later and rely on other defenses for now.
18. Remote Code Execution - Microsoft Office (CVE-2023-21735) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Office | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
rapid7: Today’s haul includes two Office Remote Code Execution vulnerabilities. Both CVE-2023-21734 and CVE-2023-21735 sound broadly familiar: a user needs to be tricked into running malicious files. Unfortunately, the security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available, so admins with affected assets will need to check back later and rely on other defenses for now.
19. Remote Code Execution - Microsoft Office Visio (CVE-2023-21736) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
20. Remote Code Execution - Microsoft Office Visio (CVE-2023-21737) - High [424]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
21. Remote Code Execution - Microsoft ODBC Driver (CVE-2023-21732) - High [418]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Microsoft ODBC Driver | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
22. Remote Code Execution - Microsoft WDAC OLE DB provider for SQL Server (CVE-2023-21681) - High [418]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | Microsoft WDAC OLE DB provider for SQL Server | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
23. Elevation of Privilege - Windows SMB (CVE-2023-21549) - High [412]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 1 | 14 | Windows component | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
rapid7: CVE-2023-21549 is Windows SMB elevation for which Microsoft has not yet seen in-the-wild exploitation or a solid proof-of-concept, although Microsoft has marked it as publicly disclosed.
24. Remote Code Execution - Microsoft Office Visio (CVE-2023-21738) - High [410]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.6 | 14 | Microsoft Visio | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
25. Remote Code Execution - 3D Builder (CVE-2023-21780) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
26. Remote Code Execution - 3D Builder (CVE-2023-21781) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
27. Remote Code Execution - 3D Builder (CVE-2023-21782) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
28. Remote Code Execution - 3D Builder (CVE-2023-21783) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
29. Remote Code Execution - 3D Builder (CVE-2023-21784) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
30. Remote Code Execution - 3D Builder (CVE-2023-21785) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
31. Remote Code Execution - 3D Builder (CVE-2023-21786) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
32. Remote Code Execution - 3D Builder (CVE-2023-21787) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
33. Remote Code Execution - 3D Builder (CVE-2023-21788) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
34. Remote Code Execution - 3D Builder (CVE-2023-21789) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
35. Remote Code Execution - 3D Builder (CVE-2023-21790) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
36. Remote Code Execution - 3D Builder (CVE-2023-21791) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
37. Remote Code Execution - 3D Builder (CVE-2023-21792) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
38. Remote Code Execution - 3D Builder (CVE-2023-21793) - High [405]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.5 | 14 | 3D Builder | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
39. 
Denial of Service - Windows Internet Key Exchange (IKE) Extension (CVE-2023-21677) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
40. Denial of Service - Windows Internet Key Exchange (IKE) Extension (CVE-2023-21683) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
41. Denial of Service - Windows Internet Key Exchange (IKE) Extension (CVE-2023-21758) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
42. Denial of Service - Windows Layer 2 Tunneling Protocol (L2TP) (CVE-2023-21757) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
43. Denial of Service - Windows Lightweight Directory Access Protocol (LDAP) (CVE-2023-21557) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
44. Denial of Service - Windows Netlogon (CVE-2023-21728) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
45. Denial of Service - Windows iSCSI Service (CVE-2023-21527) - High [401]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
46. 
Memory Corruption - Microsoft Edge (CVE-2022-4436) - Medium [394]
Description: Chromium: CVE-2022-4436
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2022-4436 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
47. Memory Corruption - Microsoft Edge (CVE-2022-4437) - Medium [394]
Description: Chromium: CVE-2022-4437
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2022-4437 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
48. Memory Corruption - Microsoft Edge (CVE-2022-4438) - Medium [394]
Description: Chromium: CVE-2022-4438
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2022-4438 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
49. Memory Corruption - Microsoft Edge (CVE-2022-4439) - Medium [394]
Description: Chromium: CVE-2022-4439
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2022-4439 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
50. Memory Corruption - Microsoft Edge (CVE-2022-4440) - Medium [394]
Description: Chromium: CVE-2022-4440
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.6 | 15 | Memory Corruption | |
| 0.8 | 14 | Web browser | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on NVD data |
MS PT Extended: CVE-2022-4440 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
51. Denial of Service - .NET (CVE-2023-21538) - Medium [382]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.7 | 14 | .NET | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
52. Security Feature Bypass - Microsoft SharePoint (CVE-2023-21743) - Medium [382]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.7 | 14 | Microsoft SharePoint | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.3. Based on Microsoft data |
qualys: CVE-2023-21743 – Microsoft SharePoint Server Security Feature Bypass Vulnerability The recently discovered vulnerability, designated as CVE-2023-21743, affects the security features of the Microsoft SharePoint Server and has been rated as critical. An unauthenticated, remote attacker may exploit this vulnerability to launch and establish an anonymous connection to the concerned SharePoint server, thereby bypassing security criteria.As a result, it is highly advised that system administrators take prompt action to mitigate this vulnerability and upgrade the affected SharePoint Server using the update provided.
rapid7: Anyone responsible for a SharePoint Server instance has three new vulnerabilities to consider. Perhaps the most noteworthy is CVE-2023-21743, a remote authentication bypass. Remediation requires additional admin action after the installation of the SharePoint Server security update; however, exploitation requires no user interaction, and Microsoft already assesses it as “Exploitation More Likely”. This regrettable combination of properties explains the Critical severity assigned by Microsoft despite the relatively low CVSS score.
zdi: CVE-2023-21743 - Microsoft SharePoint Server Security Feature Bypass Vulnerability. You rarely see a Critical-rated Security Feature Bypass (SFB), but this one seems to qualify. This bug could allow a remote, unauthenticated attacker to make an anonymous connection to an affected SharePoint server. Sysadmins need to take additional measures to be fully protected from this vulnerability. To fully resolve this bug, you must also trigger a SharePoint upgrade action that’s also included in this update. Full details on how to do this are in the bulletin. Situations like this are why people who scream “Just patch it!” show they have never actually had to patch an enterprise in the real world.
53. Denial of Service - Remote Procedure Call Runtime (CVE-2023-21525) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.9 | 14 | Remote Procedure Call Runtime | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.3. Based on Microsoft data |
54. Elevation of Privilege - Microsoft Message Queuing (CVE-2023-21537) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Microsoft Message Queuing or MSMQ is a message queue implementation developed by Microsoft and deployed in its Windows Server operating systems since Windows NT 4 and Windows 95 | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
55. Elevation of Privilege - Windows Kernel (CVE-2023-21675) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
56. Elevation of Privilege - Windows Kernel (CVE-2023-21747) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
57. Elevation of Privilege - Windows Kernel (CVE-2023-21748) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
58. Elevation of Privilege - Windows Kernel (CVE-2023-21749) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
59. Elevation of Privilege - Windows Kernel (CVE-2023-21754) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
60. Elevation of Privilege - Windows Kernel (CVE-2023-21755) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
61. Elevation of Privilege - Windows Kernel (CVE-2023-21772) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
62. Elevation of Privilege - Windows Kernel (CVE-2023-21773) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
63. Elevation of Privilege - Windows Kernel (CVE-2023-21774) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
64. Elevation of Privilege - Windows NTLM (CVE-2023-21746) - Medium [379]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | A suite of security protocols to authenticate users' identity and protect the integrity and confidentiality of their activity | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2023-21746 is an EoP vulnerability in Windows NTLM that received a CVSSv3 score of 7.8 and was rated “Exploitation Less Likely.” Successful exploitation would allow an attacker to gain SYSTEM privileges. It was disclosed by Andrea Pierini with Semperis and Antonio Cocomazzi with Sentinel One.
65. Elevation of Privilege - Windows Win32k (CVE-2023-21680) - Medium [379]
Description: Windows
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows kernel-mode driver | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
66. Elevation of Privilege - Microsoft Cryptographic Services (CVE-2023-21561) - Medium [374]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | he Cryptographic Services is a Microsoft Windows feature that encrypts and decrypts data on storage devices when they are accessed | |
| 0.9 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.8. Based on Microsoft data |
qualys: CVE-2023-21730, CVE-2023-21561, CVE-2023-21551 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability The vulnerabilities designated as CVE-2023-21730, CVE-2023-21561, and CVE-2023-21551 in Microsoft Cryptographic Services have been recognised as Elevation of Privilege vulnerabilities. These vulnerabilities can be exploited by a locally authenticated attacker who sends specially crafted data to the local CSRSS service. This allows attackers to elevate their privileges from an AppContainer environment to SYSTEM-level access. It is important to note that these bugs have not yet been publicly disclosed and currently do not have any known exploitation in the wild, making the likelihood of successful exploitation relatively low. However, it is still crucial to take necessary protection to ensure that the system is secured. AppContainer is considered a secure boundary, and any process that is able to bypass this boundary means a change in scope. An attacker who successfully exploits these vulnerabilities would be able to execute code or access resources at a higher integrity level than the AppContainer execution environment. To exploit this vulnerability, an attacker would require valid credentials and must be able to log on locally to a targeted system. An attacker who successfully exploited this vulnerability could gain SYSTEM-level privileges.
67. Security Feature Bypass - Windows Smart Card Resource Management Server (CVE-2023-21759) - Medium [374]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.9 | 15 | Security Feature Bypass | |
| 0.8 | 14 | Windows component | |
| 0.3 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 3.3. Based on Microsoft data |
68. Elevation of Privilege - Windows Kernel (CVE-2023-21750) - Medium [366]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.9 | 14 | Windows Kernel | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
69. Elevation of Privilege - Microsoft Cryptographic Services (CVE-2023-21551) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | he Cryptographic Services is a Microsoft Windows feature that encrypts and decrypts data on storage devices when they are accessed | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2023-21730, CVE-2023-21561, CVE-2023-21551 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability The vulnerabilities designated as CVE-2023-21730, CVE-2023-21561, and CVE-2023-21551 in Microsoft Cryptographic Services have been recognised as Elevation of Privilege vulnerabilities. These vulnerabilities can be exploited by a locally authenticated attacker who sends specially crafted data to the local CSRSS service. This allows attackers to elevate their privileges from an AppContainer environment to SYSTEM-level access. It is important to note that these bugs have not yet been publicly disclosed and currently do not have any known exploitation in the wild, making the likelihood of successful exploitation relatively low. However, it is still crucial to take necessary protection to ensure that the system is secured. AppContainer is considered a secure boundary, and any process that is able to bypass this boundary means a change in scope. An attacker who successfully exploits these vulnerabilities would be able to execute code or access resources at a higher integrity level than the AppContainer execution environment. To exploit this vulnerability, an attacker would require valid credentials and must be able to log on locally to a targeted system. An attacker who successfully exploited this vulnerability could gain SYSTEM-level privileges.
70. Elevation of Privilege - Microsoft Cryptographic Services (CVE-2023-21730) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | he Cryptographic Services is a Microsoft Windows feature that encrypts and decrypts data on storage devices when they are accessed | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2023-21730, CVE-2023-21561, CVE-2023-21551 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability The vulnerabilities designated as CVE-2023-21730, CVE-2023-21561, and CVE-2023-21551 in Microsoft Cryptographic Services have been recognised as Elevation of Privilege vulnerabilities. These vulnerabilities can be exploited by a locally authenticated attacker who sends specially crafted data to the local CSRSS service. This allows attackers to elevate their privileges from an AppContainer environment to SYSTEM-level access. It is important to note that these bugs have not yet been publicly disclosed and currently do not have any known exploitation in the wild, making the likelihood of successful exploitation relatively low. However, it is still crucial to take necessary protection to ensure that the system is secured. AppContainer is considered a secure boundary, and any process that is able to bypass this boundary means a change in scope. An attacker who successfully exploits these vulnerabilities would be able to execute code or access resources at a higher integrity level than the AppContainer execution environment. To exploit this vulnerability, an attacker would require valid credentials and must be able to log on locally to a targeted system. An attacker who successfully exploited this vulnerability could gain SYSTEM-level privileges.
tenable: CVE-2023-21730 is an EoP in Windows operating systems that received a CVSSv3 score of 7.8. The vulnerability exists in Windows Cryptographic Services, a suite of cryptographic utilities in Windows operating systems. The vulnerability can be exploited by a remote, unauthenticated attacker. The exploit requires no user interaction and has a low attack complexity. However, according to the Microsoft Exploitability Index, exploitation is less likely. Discovery is credited to Microsoft's Offensive and Security Engineering (MORSE) team.
71. Elevation of Privilege - Microsoft DWM Core Library (CVE-2023-21724) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
72. Elevation of Privilege - Microsoft Exchange (CVE-2023-21763) - Medium [360]
Description: Microsoft
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2023-21763 – CVE-2023-21764 – Microsoft Exchange Server Elevation of Privilege Vulnerability The vulnerability designated as CVE-2023-21763 and CVE-2023-21764 in Microsoft Exchange Server has been identified as an Elevation of Privilege vulnerability. This vulnerability arises from failing to patch a previously identified issue, designated as CVE-2022-41123, properly. Due to a hard-coded file path, a local attacker may be able to load their own DLL and execute code with SYSTEM-level privileges. It is strongly recommended that users running Exchange tests deploy all necessary Exchange fixes promptly to mitigate this vulnerability.
tenable: CVE-2023-21763 and CVE-2023-21764 are EoP vulnerabilities in Microsoft Exchange Server that received CVSSv3 scores of 7.8 and could grant an authenticated attacker SYSTEM privileges. Microsoft has rated these as “Exploitation Less Likely,” but has offered no explanation why. Piotr Bazydlo with Trend Micro Zero Day Initiative is credited with reporting both of these vulnerabilities.
zdi: CVE-2023-21763/CVE-2023-21764 - Microsoft Exchange Server Elevation of Privilege Vulnerability. These bugs were found by ZDI researcher Piotr Bazydło and result from a failed patch of CVE-2022-41123. As such, these vulnerabilities were reported under our new timelines for bugs resulting from incomplete patches. Thanks to the use of a hard-coded path, a local attacker could load their own DLL and execute code at the level of SYSTEM. A recent report showed nearly 70,000 unpatched Exchange servers that were accessible from the internet. If you’re running Exchange on-prem, please test and deploy all the Exchange fixes quickly, and hope that Microsoft fixed these bugs correctly this time.
73. Elevation of Privilege - Microsoft Exchange (CVE-2023-21764) - Medium [360]
Description: Microsoft
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
qualys: CVE-2023-21763 – CVE-2023-21764 – Microsoft Exchange Server Elevation of Privilege Vulnerability The vulnerability designated as CVE-2023-21763 and CVE-2023-21764 in Microsoft Exchange Server has been identified as an Elevation of Privilege vulnerability. This vulnerability arises from failing to patch a previously identified issue, designated as CVE-2022-41123, properly. Due to a hard-coded file path, a local attacker may be able to load their own DLL and execute code with SYSTEM-level privileges. It is strongly recommended that users running Exchange tests deploy all necessary Exchange fixes promptly to mitigate this vulnerability.
tenable: CVE-2023-21763 and CVE-2023-21764 are EoP vulnerabilities in Microsoft Exchange Server that received CVSSv3 scores of 7.8 and could grant an authenticated attacker SYSTEM privileges. Microsoft has rated these as “Exploitation Less Likely,” but has offered no explanation why. Piotr Bazydlo with Trend Micro Zero Day Initiative is credited with reporting both of these vulnerabilities.
zdi: CVE-2023-21763/CVE-2023-21764 - Microsoft Exchange Server Elevation of Privilege Vulnerability. These bugs were found by ZDI researcher Piotr Bazydło and result from a failed patch of CVE-2022-41123. As such, these vulnerabilities were reported under our new timelines for bugs resulting from incomplete patches. Thanks to the use of a hard-coded path, a local attacker could load their own DLL and execute code at the level of SYSTEM. A recent report showed nearly 70,000 unpatched Exchange servers that were accessible from the internet. If you’re running Exchange on-prem, please test and deploy all the Exchange fixes quickly, and hope that Microsoft fixed these bugs correctly this time.
74. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2023-21768) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
75. Elevation of Privilege - Windows Credential Manager User Interface (CVE-2023-21726) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
76. Elevation of Privilege - Windows Error Reporting Service (CVE-2023-21558) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
77. Elevation of Privilege - Windows Local Security Authority (LSA) (CVE-2023-21524) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
78. Elevation of Privilege - Windows Overlay Filter (CVE-2023-21767) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
79. Elevation of Privilege - Windows Print Spooler (CVE-2023-21678) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2023-21760, CVE-2023-21765, and CVE-2023-21678 are EoP vulnerabilities in Windows Print Spooler. The three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated as “Exploitation Less Likely.” CVE-2023-21678 was disclosed to Microsoft by the National Security Agency (NSA). This continues a trend observed last year, where the NSA disclosed three vulnerabilities in Print Spooler, beginning with CVE-2022-29104 and CVE-2022-29132 in May 2022 and leading to CVE-2022-38028 in October 2022.
80. Elevation of Privilege - Windows Print Spooler (CVE-2023-21765) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
tenable: CVE-2023-21760, CVE-2023-21765, and CVE-2023-21678 are EoP vulnerabilities in Windows Print Spooler. The three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated as “Exploitation Less Likely.” CVE-2023-21678 was disclosed to Microsoft by the National Security Agency (NSA). This continues a trend observed last year, where the NSA disclosed three vulnerabilities in Print Spooler, beginning with CVE-2022-29104 and CVE-2022-29132 in May 2022 and leading to CVE-2022-38028 in October 2022.
81. Elevation of Privilege - Windows Task Scheduler (CVE-2023-21541) - Medium [360]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data |
82. Remote Code Execution - Visual Studio Code (CVE-2023-21779) - Medium [354]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 1.0 | 15 | Remote Code Execution | |
| 0.3 | 14 | Integrated development environment | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.3. Based on Microsoft data |
83. Elevation of Privilege - Windows Bind Filter Driver (CVE-2023-21733) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
84. Elevation of Privilege - Windows Bluetooth Driver (CVE-2023-21739) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
85. Elevation of Privilege - Windows GDI (CVE-2023-21532) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
86. Elevation of Privilege - Windows Installer (CVE-2023-21542) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
87. Elevation of Privilege - Windows Local Session Manager (LSM) (CVE-2023-21771) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
88. Elevation of Privilege - Windows Print Spooler (CVE-2023-21760) - Medium [347]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
tenable: CVE-2023-21760, CVE-2023-21765, and CVE-2023-21678 are EoP vulnerabilities in Windows Print Spooler. The three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated as “Exploitation Less Likely.” CVE-2023-21678 was disclosed to Microsoft by the National Security Agency (NSA). This continues a trend observed last year, where the NSA disclosed three vulnerabilities in Print Spooler, beginning with CVE-2022-29104 and CVE-2022-29132 in May 2022 and leading to CVE-2022-38028 in October 2022.
89. Denial of Service - Internet Key Exchange (IKE) Protocol (CVE-2023-21547) - Medium [344]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.7 | 15 | Denial of Service | |
| 0.5 | 14 | Internet Key Exchange (IKE) Protocol | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
90. 
Information Disclosure - Microsoft Exchange (CVE-2023-21761) - Medium [340]
Description: Microsoft
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Microsoft data |
91. 
Spoofing - Microsoft Exchange (CVE-2023-21745) - Medium [340]
Description: Microsoft
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.0. Based on Microsoft data |
tenable: CVE-2023-21745 and CVE-2023-21762 are spoofing vulnerabilities in Microsoft Exchange Server that both received CVSSv3 score of 8.0. However, these flaws have distinct characteristics from one another. CVE-2023-21745 can be exploited by an adjacent attacker — either via the local area network, or over the internet — and was rated “Exploitation More Likely.” It was reported by Piotr Bazydlo with Trend Micro Zero Day Initiative. On the other hand, CVE-2023-21762 also requires an adjacent attacker, but is restricted to a shared physical or local network, or an “otherwise limited administrative domain.” Successful exploitation could lead to disclosure of New Technology LAN Manager (NTLM) hashes and NTLM relay attacks.
92. Spoofing - Microsoft Exchange (CVE-2023-21762) - Medium [340]
Description: Microsoft
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Spoofing | |
| 0.8 | 14 | Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft | |
| 0.8 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 8.0. Based on Microsoft data |
tenable: CVE-2023-21745 and CVE-2023-21762 are spoofing vulnerabilities in Microsoft Exchange Server that both received CVSSv3 score of 8.0. However, these flaws have distinct characteristics from one another. CVE-2023-21745 can be exploited by an adjacent attacker — either via the local area network, or over the internet — and was rated “Exploitation More Likely.” It was reported by Piotr Bazydlo with Trend Micro Zero Day Initiative. On the other hand, CVE-2023-21762 also requires an adjacent attacker, but is restricted to a shared physical or local network, or an “otherwise limited administrative domain.” Successful exploitation could lead to disclosure of New Technology LAN Manager (NTLM) hashes and NTLM relay attacks.
93. Elevation of Privilege - Windows Malicious Software Removal Tool (CVE-2023-21725) - Medium [333]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 6.3. Based on Microsoft data |
94. Information Disclosure - Windows Kernel (CVE-2023-21776) - Medium [332]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.9 | 14 | Windows Kernel | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
95. Information Disclosure - Event Tracing for Windows (CVE-2023-21753) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
96. Information Disclosure - Windows Cryptographic (CVE-2023-21540) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
97. Information Disclosure - Windows Cryptographic (CVE-2023-21550) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
98. Information Disclosure - Windows Cryptographic (CVE-2023-21559) - Medium [313]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.6 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.5. Based on Microsoft data |
99. Information Disclosure - Event Tracing for Windows (CVE-2023-21536) - Medium [300]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data |
100. Information Disclosure - Windows Overlay Filter (CVE-2023-21766) - Medium [300]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 4.7. Based on Microsoft data |
101. Information Disclosure - Windows Point-to-Point Protocol (PPP) (CVE-2023-21682) - Medium [300]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.8 | 14 | Windows component | |
| 0.5 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 5.3. Based on Microsoft data |
102. Elevation of Privilege - Azure Service Fabric Container (CVE-2023-21531) - Medium [290]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.5 | 15 | Elevation of Privilege | |
| 0.5 | 14 | Azure Service Fabric Container | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.0. Based on Microsoft data |
103. Information Disclosure - Microsoft Office Visio (CVE-2023-21741) - Medium [289]
Description:
| Component | Value | Weight | Comment |
|---|---|---|---|
| 0 | 18 | Exploitation in the wild is NOT mentioned on Vulners, Microsoft and AttackerKB websites | |
| 0 | 17 | The exploit's existence is NOT mentioned on Vulners and Microsoft websites. | |
| 0.4 | 15 | Information Disclosure | |
| 0.6 | 14 | Microsoft Visio | |
| 0.7 | 10 | Vulnerability Severity Rating based on CVSS Base Score is 7.1. Based on Microsoft data |
Elevation of Privilege (1)qualys: CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability The vulnerability identified as CVE-2023-21674 is a Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Attackers are actively exploiting this vulnerability to gain kernel-level execution and SYSTEM privileges. It allows a local attacker to escalate privileges from sandboxed execution inside Chromium. Vulnerabilities of this nature are frequently leveraged in tandem with malware or ransomware delivery. This vulnerability was reported to Microsoft by researchers from Avast, indicating a potential risk of such malicious activity.
tenable: CVE-2023-21674 is an EoP vulnerability in Windows operating systems that received a CVSSv3 score of 8.8 and has been exploited in the wild as a zero day. The vulnerability exists in the Advanced Local Procedure Call (ALPC) functionality. ALPC is a message passing utility in Windows operating systems. When exploited, an attacker can leverage the vulnerability to break out of the sandbox in Chromium and gain kernel-level execution privileges.
rapid7: CVE-2023-21674 allows Local Privilege Escalation (LPE) to SYSTEM via a vulnerability in Windows Advanced Local Procedure Call (ALPC), which Microsoft has already seen exploited in the wild. Given its low attack complexity, the existence of functional proof-of-concept code, and the potential for sandbox escape, this may be a vulnerability to keep a close eye on. An ALPC zero-day back in 2018 swiftly found its way into a malware campaign.
zdi: CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This is the one bug listed as under active attack for this month. It allows a local attacker to escalate privileges from sandboxed execution inside Chromium to kernel-level execution and full SYSTEM privileges. Bugs of this type are often paired with some form of code exaction to deliver malware or ransomware. Considering this was reported to Microsoft by researchers from Avast, that scenario seems likely here.
Elevation of Privilege (1)Remote Code Execution (33)qualys: CVE-2023-21679, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability These vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP) have been identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an unauthenticated attacker who sends a specially crafted connection request to a RAS (Remote Access Server) server. This could lead to remote code execution (RCE) on the RAS server machine. It is important to mention that successfully exploiting these vulnerabilities requires an attacker to take additional actions to prepare the target environment and win a race condition. While these vulnerabilities have been discovered and reported, there has been no indication that these vulnerabilities have been actively exploited.
tenable: CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21556 and CVE-2023-21679 are RCE vulnerabilities in Windows operating systems, all given a CVSSv3 score of 8.1. The vulnerabilities can be exploited by a remote, unauthenticated attacker targeting a machine acting as a Remote Access Server. However, the vulnerabilities have a high attack complexity, meaning the attacker will have to perform actions on the target prior to exploitation for it to be successful. Discovery is credited to RyeLv for CVE-2023-21543, and Yuki Chen with Cyber KunLun for the others.
qualys: CVE-2023-21535, CVE-2023-21548 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability These vulnerabilities in Windows Secure Socket Tunneling Protocol (SSTP) are identified as Remote Code Execution vulnerabilities. These vulnerabilities can be exploited by an attacker who sends a specially crafted malicious SSTP packet to an SSTP server. This could result in remote code execution on the server side. It is essential to note that successfully exploiting these vulnerabilities requires the attacker to win a race condition. While Microsoft has listed the exploit complexity as high due to this requirement, it is vital to rely on something other than that mitigation. It is advised to apply patches. Additionally, monitoring for suspicious activity on the affected systems and implementing network segmentation can also help to limit the potential impact of an exploitation attempt.
rapid7: Today’s haul includes two Office Remote Code Execution vulnerabilities. Both CVE-2023-21734 and CVE-2023-21735 sound broadly familiar: a user needs to be tricked into running malicious files. Unfortunately, the security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available, so admins with affected assets will need to check back later and rely on other defenses for now.
Elevation of Privilege (37)rapid7: CVE-2023-21549 is Windows SMB elevation for which Microsoft has not yet seen in-the-wild exploitation or a solid proof-of-concept, although Microsoft has marked it as publicly disclosed.
tenable: CVE-2023-21746 is an EoP vulnerability in Windows NTLM that received a CVSSv3 score of 7.8 and was rated “Exploitation Less Likely.” Successful exploitation would allow an attacker to gain SYSTEM privileges. It was disclosed by Andrea Pierini with Semperis and Antonio Cocomazzi with Sentinel One.
qualys: CVE-2023-21730, CVE-2023-21561, CVE-2023-21551 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability The vulnerabilities designated as CVE-2023-21730, CVE-2023-21561, and CVE-2023-21551 in Microsoft Cryptographic Services have been recognised as Elevation of Privilege vulnerabilities. These vulnerabilities can be exploited by a locally authenticated attacker who sends specially crafted data to the local CSRSS service. This allows attackers to elevate their privileges from an AppContainer environment to SYSTEM-level access. It is important to note that these bugs have not yet been publicly disclosed and currently do not have any known exploitation in the wild, making the likelihood of successful exploitation relatively low. However, it is still crucial to take necessary protection to ensure that the system is secured. AppContainer is considered a secure boundary, and any process that is able to bypass this boundary means a change in scope. An attacker who successfully exploits these vulnerabilities would be able to execute code or access resources at a higher integrity level than the AppContainer execution environment. To exploit this vulnerability, an attacker would require valid credentials and must be able to log on locally to a targeted system. An attacker who successfully exploited this vulnerability could gain SYSTEM-level privileges.
tenable: CVE-2023-21730 is an EoP in Windows operating systems that received a CVSSv3 score of 7.8. The vulnerability exists in Windows Cryptographic Services, a suite of cryptographic utilities in Windows operating systems. The vulnerability can be exploited by a remote, unauthenticated attacker. The exploit requires no user interaction and has a low attack complexity. However, according to the Microsoft Exploitability Index, exploitation is less likely. Discovery is credited to Microsoft's Offensive and Security Engineering (MORSE) team.
qualys: CVE-2023-21763 – CVE-2023-21764 – Microsoft Exchange Server Elevation of Privilege Vulnerability The vulnerability designated as CVE-2023-21763 and CVE-2023-21764 in Microsoft Exchange Server has been identified as an Elevation of Privilege vulnerability. This vulnerability arises from failing to patch a previously identified issue, designated as CVE-2022-41123, properly. Due to a hard-coded file path, a local attacker may be able to load their own DLL and execute code with SYSTEM-level privileges. It is strongly recommended that users running Exchange tests deploy all necessary Exchange fixes promptly to mitigate this vulnerability.
tenable: CVE-2023-21763 and CVE-2023-21764 are EoP vulnerabilities in Microsoft Exchange Server that received CVSSv3 scores of 7.8 and could grant an authenticated attacker SYSTEM privileges. Microsoft has rated these as “Exploitation Less Likely,” but has offered no explanation why. Piotr Bazydlo with Trend Micro Zero Day Initiative is credited with reporting both of these vulnerabilities.
zdi: CVE-2023-21763/CVE-2023-21764 - Microsoft Exchange Server Elevation of Privilege Vulnerability. These bugs were found by ZDI researcher Piotr Bazydło and result from a failed patch of CVE-2022-41123. As such, these vulnerabilities were reported under our new timelines for bugs resulting from incomplete patches. Thanks to the use of a hard-coded path, a local attacker could load their own DLL and execute code at the level of SYSTEM. A recent report showed nearly 70,000 unpatched Exchange servers that were accessible from the internet. If you’re running Exchange on-prem, please test and deploy all the Exchange fixes quickly, and hope that Microsoft fixed these bugs correctly this time.
tenable: CVE-2023-21760, CVE-2023-21765, and CVE-2023-21678 are EoP vulnerabilities in Windows Print Spooler. The three vulnerabilities were assigned a CVSSv3 score of 7.8 and are rated as “Exploitation Less Likely.” CVE-2023-21678 was disclosed to Microsoft by the National Security Agency (NSA). This continues a trend observed last year, where the NSA disclosed three vulnerabilities in Print Spooler, beginning with CVE-2022-29104 and CVE-2022-29132 in May 2022 and leading to CVE-2022-38028 in October 2022.
Security Feature Bypass (4)qualys: CVE-2023-21743 – Microsoft SharePoint Server Security Feature Bypass Vulnerability The recently discovered vulnerability, designated as CVE-2023-21743, affects the security features of the Microsoft SharePoint Server and has been rated as critical. An unauthenticated, remote attacker may exploit this vulnerability to launch and establish an anonymous connection to the concerned SharePoint server, thereby bypassing security criteria.As a result, it is highly advised that system administrators take prompt action to mitigate this vulnerability and upgrade the affected SharePoint Server using the update provided.
rapid7: Anyone responsible for a SharePoint Server instance has three new vulnerabilities to consider. Perhaps the most noteworthy is CVE-2023-21743, a remote authentication bypass. Remediation requires additional admin action after the installation of the SharePoint Server security update; however, exploitation requires no user interaction, and Microsoft already assesses it as “Exploitation More Likely”. This regrettable combination of properties explains the Critical severity assigned by Microsoft despite the relatively low CVSS score.
zdi: CVE-2023-21743 - Microsoft SharePoint Server Security Feature Bypass Vulnerability. You rarely see a Critical-rated Security Feature Bypass (SFB), but this one seems to qualify. This bug could allow a remote, unauthenticated attacker to make an anonymous connection to an affected SharePoint server. Sysadmins need to take additional measures to be fully protected from this vulnerability. To fully resolve this bug, you must also trigger a SharePoint upgrade action that’s also included in this update. Full details on how to do this are in the bulletin. Situations like this are why people who scream “Just patch it!” show they have never actually had to patch an enterprise in the real world.
Denial of Service (10)Memory Corruption (5)MS PT Extended: CVE-2022-4436 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
MS PT Extended: CVE-2022-4440 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
MS PT Extended: CVE-2022-4439 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
MS PT Extended: CVE-2022-4438 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
MS PT Extended: CVE-2022-4437 was published before January 2023 Patch Tuesday from 2022-12-14 to 2023-01-09
Information Disclosure (10)Spoofing (2)tenable: CVE-2023-21745 and CVE-2023-21762 are spoofing vulnerabilities in Microsoft Exchange Server that both received CVSSv3 score of 8.0. However, these flaws have distinct characteristics from one another. CVE-2023-21745 can be exploited by an adjacent attacker — either via the local area network, or over the internet — and was rated “Exploitation More Likely.” It was reported by Piotr Bazydlo with Trend Micro Zero Day Initiative. On the other hand, CVE-2023-21762 also requires an adjacent attacker, but is restricted to a shared physical or local network, or an “otherwise limited administrative domain.” Successful exploitation could lead to disclosure of New Technology LAN Manager (NTLM) hashes and NTLM relay attacks.