Internet Storm Center Spotlight


INTERNET STORM CENTER SPOTLIGHT

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

July 2023 Microsoft Patch Update

Published: 2023-07-11

Last Updated: 2023-07-11 20:37:11 UTC

by Scott Fendley (Version: 1)

Today's Microsoft patch Tuesday addresses 132 vulnerabilities. Nine of the vulnerabilities are rated as Critical, and 6 of these are listed as exploited prior in the wild.

In particular, CVE-2023-36884 includes a remote code execution vulnerability via Microsoft Word documents and was linked to the Storm-0978 threat actor. Microsoft Threat Intelligence has a blog entry which discusses this situation. Take special note of the mitigations which are recommended, as updates will likely be released out-of-cycle for this one.

Other exploited vulnerabilities include:

CVE-2023-35311 is a Microsoft Outlook Security Feature bypass which was being exploited in the wild which worked in the preview pane and bypasses security warning.

CVE-2023-32046 is an actively exploited privilege elevation vulnerability in Windows MSHTML which could be exploited by opening a specially crafted file in email or a malicious website.

CVE-2023-32049 is a security feature bypass vulnerability with Windows SmartScreen which was being exploited to prevent the Open File - Security Warning prompt when downloading/opening files from the Internet.

CVE-2023-36874 is an actively exploited privilege escalation flaw which could allow threat actors to gain local administrator privileges. Attackers would need to have local access to the targeted machine and the user be able to create folder and performance traces to fully exploit this vulnerability.

Microsoft also issued a high-impact advisory (ADV230001) where attackers where abusing the drivers being certified by Microsoft's Windows Hardware Developer Program (MWHDP) as a post-exploitation activity. The implicated developer accounts were suspected, and Microsoft has taken steps to untrust drivers which were improperly certified.

Read the full entry:

https://isc.sans.edu/diary/July+2023+Microsoft+Patch+Update/30018/

Loader activity for Formbook "QM18"

Published: 2023-07-12

Last Updated: 2023-07-12 02:34:30 UTC

by Brad Duncan (Version: 1)

Introduction

In recent weeks, I've run across loaders related to GuLoader or ModiLoader/DBatLoader. I wrote about one in my previous diary last month. That loader for Remcos RAT was identified by @Gi7w0rm as GuLoader. Today I ran across another loader based on a tweet from @V3n0mStrike about recent Formbook activity.

Today's diary briefly reviews this activity based from an infection run on Tuesday 2023-07-11.

[...]

Email Distribution

After viewing the tweet from @V3n0mStrike, I searched through VirusTotal and found at least two emails with the associated .docx file attachment.

[...]

Indicators of Compromise

The following are indicators of compromise (IOCs) after using the .docx attachment to kick off an infection run.

Read the full entry:

https://isc.sans.edu/diary/Loader+activity+for+Formbook+QM18/30020/

DShield pfSense Client Update

Published: 2023-06-30

Last Updated: 2023-06-30 00:01:06 UTC

by Yee Ching Tok (Version: 1)

The SANS Internet Storm Center (ISC) developed the DShield pfSense client in 2017 to support the ingestion of pfSense firewall logs into the DShield project. The pfSense project has also evolved over the years, with some changes in the offerings. With the advent of pfSense Community Edition (CE) 2.7.0 and pfSense Plus 23.01, updates to the DShield client were required to fix unintended issues.

I am pleased to share that the DShield pfSense client has been updated and tested to be working* with pfSense CE 2.7.0 Release Candidate (RC) (just in time before pfSense CE 2.7.0-RELEASE is released on the targeted date of June 29, 2023), pfSense Plus 23.01-RELEASE as well as pfSense CE 2.6.0-RELEASE. To take a look at the DShield pfSense client, please visit the GitHub repository here. If you are a pfSense user and would like to participate in the DShield project, please refer to my previous diary [6] for the steps required to set it up.

Read the full entry:

https://isc.sans.edu/diary/DShield+pfSense+Client+Update/29994/

Internet Storm Center Entries


DSSuite (Didier's Toolbox) Docker Image Update (2023.07.07)

https://isc.sans.edu/diary/DSSuite+Didiers+Toolbox+Docker+Image+Update/30008/

IDS Comparisons with DShield Honeypot Data (2023.07.06)

https://isc.sans.edu/diary/IDS+Comparisons+with+DShield+Honeypot+Data/30002/

Analysis Method for Custom Encoding (2023.07.05)

https://isc.sans.edu/diary/Analysis+Method+for+Custom+Encoding/29946/

Controlling network access to ICS systems (2023.07.03)

https://isc.sans.edu/diary/Controlling+network+access+to+ICS+systems/30000/

Sandfly Security (2023.07.01)

https://isc.sans.edu/diary/Sandfly+Security/29998/

GuLoader- or DBatLoader/ModiLoader-style infection for Remcos RAT (2023.06.29)

https://isc.sans.edu/diary/GuLoader+or+DBatLoaderModiLoaderstyle+infection+for+Remcos+RAT/29990/

Recent CVEs


The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

CVE-2023-32046 -  Windows MSHTML Platform Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 7.8

** KEV since 2023-07-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32046

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046




CVE-2023-32049 - Windows SmartScreen Security Feature Bypass Vulnerability

Product: Microsoft  Windows SmartScreen

CVSS Score: 8.8

** KEV since 2023-07-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32049

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049




CVE-2023-35311 - Microsoft Outlook Security Feature Bypass Vulnerability

Product: Microsoft Outlook

CVSS Score: 8.8

** KEV since 2023-07-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35311

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311




CVE-2023-36874 - Windows Error Reporting Service Elevation of Privilege Vulnerability

Product: Microsoft Windows Error Reporting Service

CVSS Score: 7.8

** KEV since 2023-07-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36874

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874




CVE-2023-32057 - Microsoft Message Queuing Remote Code Execution Vulnerability

Product: Microsoft Message Queuing

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32057

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32057




CVE-2023-35309 - Microsoft Message Queuing Remote Code Execution Vulnerability

Product: Microsoft  Message Queuing

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35309

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35309




CVE-2023-33150 - Microsoft Office Security Feature Bypass Vulnerability

Product: Microsoft  Office

CVSS Score: 9.6 AtRiskScore 50

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33150

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33150




CVE-2023-35365, CVE-2023-35366, CVE-2023-35367 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerabilities

Product: Microsoft Windows Routing and Remote Access Service (RRAS)

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35365

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35366

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35367

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: 

- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35365

- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35366

- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35367




CVE-2023-36884 - Office and Windows HTML Remote Code Execution Vulnerability

Product: Microsoft Windows and Office

CVSS Score: 8.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36884

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884




CVE-2017-0199 - Microsoft Office/WordPad Remote Code Execution Vulnerability with Windows API

Product: Microsoft Windows Vista 

CVSS Score: 0

** KEV since 2021-11-03 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2017-0199

ISC Diary: https://isc.sans.edu/diary/30020




CVE-2023-21631 - Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

Product: Qualcomm 315 5G

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21631

NVD References: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin




CVE-2023-3504 - SmartWeb Infotech Job Board 1.0 is vulnerable to unrestricted upload in the My Profile Page component, allowing remote attackers to manipulate the filename and launch an attack.

Product: Smartweb Infotech Job Board Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3504

NVD References: 

- https://vuldb.com/?ctiid.232952

- https://vuldb.com/?id.232952




CVE-2021-46890, CVE-2021-46891 -  GPU module of the product lacks proper read and write permission verification, leading to potential impact on service confidentiality, integrity, and availability.

Product: Huawei EMUI

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-46890

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-46891

NVD References: https://consumer.huawei.com/en/support/bulletin/2023/7/

NVD References: https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858




CVE-2023-36934 - MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4) allows an unauthenticated attacker to gain unauthorized database access through a SQL injection vulnerability.

Product: Progress MOVEit Transfer

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36934

NVD References: 

- https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023

- https://www.progress.com/moveit




CVE-2020-25969 - gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().

Product: GnuplotProject 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-25969

NVD References: https://sourceforge.net/p/gnuplot/bugs/2311/




CVE-2023-35924 - GLPI inventory endpoint in versions prior to 10.0.8 allows unauthenticated SQL injection attacks, but can be mitigated by disabling native inventory.

Product: GLPI-Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35924

NVD References: 

- https://github.com/glpi-project/glpi/releases/tag/10.0.8

- https://github.com/glpi-project/glpi/security/advisories/GHSA-gxh4-j63w-8jmm




CVE-2023-36808 - GLPI is vulnerable to SQL injection attacks in versions prior to 10.0.8, allowing malicious actors to exploit Computer Virtual Machine form and GLPI inventory request.

Product: GLPI-Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36808

NVD References: 

- https://github.com/glpi-project/glpi/releases/tag/10.0.8

- https://github.com/glpi-project/glpi/security/advisories/GHSA-vf5h-jh9q-2gjm




CVE-2023-22319 - Milesight VPN v2.0.2 is vulnerable to an SQL injection flaw in its LoginAuth functionality, allowing an attacker to bypass authentication via a specially-crafted network request.

Product: Milesight VPN

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22319

NVD References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1701




CVE-2023-23902 - Milesight UR32L v32.3.0.5 is vulnerable to a remote code execution due to a buffer overflow in its uhttpd login functionality.

Product: Milesight UR32L

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-23902

NVD References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1697




CVE-2023-36459 -  Mastodon, a free and open-source social network server, is vulnerable to cross-site scripting (XSS) attacks due to insufficient HTML sanitization in oEmbed preview cards.

Product: Mastodon

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36459

NVD References: 

- http://www.openwall.com/lists/oss-security/2023/07/06/5

- https://github.com/mastodon/mastodon/commit/6d8e0fae3e96f3cf4febe03fa7fcf5b95ff761b2

- https://github.com/mastodon/mastodon/releases/tag/v3.5.9

- https://github.com/mastodon/mastodon/releases/tag/v4.0.5

- https://github.com/mastodon/mastodon/releases/tag/v4.1.3

- https://github.com/mastodon/mastodon/security/advisories/GHSA-ccm4-vgcc-73hp




CVE-2023-36460 - Mastodon allows attackers to create arbitrary files and achieve remote code execution through carefully crafted media files.

Product: Mastodon

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36460

NVD References: 

- http://www.openwall.com/lists/oss-security/2023/07/06/4

- https://github.com/mastodon/mastodon/commit/dc8f1fbd976ae544720a4e07120d9a91b2722440

- https://github.com/mastodon/mastodon/releases/tag/v3.5.9

- https://github.com/mastodon/mastodon/releases/tag/v4.0.5

- https://github.com/mastodon/mastodon/releases/tag/v4.1.3

- https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm




CVE-2023-35987 - PiiGAB M-Bus contains hard-coded credentials which it uses for authentication.

Product: PiiGAB M-Bus

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35987

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01




CVE-2021-33796 - In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

Product: MuJS regexp

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-33796

NVD References: https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515




CVE-2021-32494 - Radare2's Mach-O parser's rebase_buffer function has a division by zero vulnerability, allowing for malicious inputs causing denial of service.

Product: Radare2 Mach-O parser

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-32494

NVD References: 

- https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62

- https://github.com/radareorg/radare2/issues/18667




CVE-2021-32495 - Radare2 has a use-after-free vulnerability in its pyc parser's get_none_object function, allowing attackers to read freed memory and cause denial of service.

Product: Radare2 pyc parser

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-32495

NVD References: 

- https://github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05

- https://github.com/radareorg/radare2/issues/18666




CVE-2022-4361 - Keycloak has a cross-site scripting (XSS) vulnerability that allows attackers to execute malicious scripts via the SAML or OIDC providers by manipulating URLs.

Product: Keycloak open-source identity and access management solution

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-4361

NVD References: 

- https://bugzilla.redhat.com/show_bug.cgi?id=2151618

- https://github.com/keycloak/keycloak/commit/a1cfe6e24e5b34792699a00b8b4a8016a5929e3a




CVE-2023-37261 - OpenComputers is a Minecraft mod that enables unauthorized access and information exposure in versions 1.2.0 to 1.8.3, allowing players to potentially pivot or escalate privileges, gain access to metadata servers, and compromise the hosting provider's network.

Product: OpenComputers Minecraft

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37261

NVD References: 

- https://github.com/MightyPirates/OpenComputers/blob/5b2ba76a4c242b369b9b6ac6196fd04d96580ad0/src/main/resources/application.conf#L966-L986

- https://github.com/MightyPirates/OpenComputers/blob/5b2ba76a4c242b369b9b6ac6196fd04d96580ad0/src/main/scala/li/cil/oc/Settings.scala#L614-L637

- https://github.com/MightyPirates/OpenComputers/commit/d13c015357fd6c42e0a1bdd6e1ef9462f0450a15

- https://github.com/MightyPirates/OpenComputers/issues/2365

- https://github.com/MightyPirates/OpenComputers/releases/tag/1.12.2-forge%2F1.8.3

- https://github.com/MightyPirates/OpenComputers/security/advisories/GHSA-vvfj-xh7c-j2cm

- https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-7p4w-mv69-2wm2




CVE-2023-37262 - CC: Tweaked, a mod for Minecraft, allows unauthorized access to sensitive information via metadata services API endpoints on popular cloud hosting providers, potentially leading to privilege escalation or pivoting into the hosting provider.

Product: CC Tweaked Minecraft

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37262

NVD References: 

- https://github.com/MightyPirates/OpenComputers/security/advisories/GHSA-vvfj-xh7c-j2cm

- https://github.com/cc-tweaked/CC-Tweaked/blob/96847bb8c28df51e5e49f2dd2978ff6cc4e2821b/projects/core/src/main/java/dan200/computercraft/core/apis/http/options/AddressPredicate.java#L116-L126

- https://github.com/cc-tweaked/CC-Tweaked/commit/4bbde8c50c00bc572578ab2cff609b3443d10ddf

- https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-7p4w-mv69-2wm2

- https://github.com/dan200/ComputerCraft/issues/170




CVE-2023-37286 - SmartSoft SmartBPM.NET has a vulnerability that allows an unauthenticated remote attacker to execute arbitrary code and disrupt service by exploiting a hard-coded machine key.

Product: SmartSoft SmartBPM.NET

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37286

NVD References: https://www.twcert.org.tw/tw/cp-132-7221-438c6-1.html




CVE-2023-37287 - SmartBPM.NET has a hard-coded authentication key vulnerability that allows unauthenticated remote attackers to access the system, read application data, and execute submission and approval processes with regular user privilege.

Product: SmartBPM.NET

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37287

NVD References: https://www.twcert.org.tw/tw/cp-132-7222-cdfd0-1.html




CVE-2021-42081 - An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API.

Product: OSNEXUS QuantaStor before 6.0.0.355

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-42081

NVD References: 

- https://csirt.divd.nl/CVE-2021-42081

- https://www.osnexus.com/products/software-defined-storage

- https://www.wbsec.nl/osnexus




CVE-2021-4406 - An administrator is able to execute commands as root via the alerts management dialog

Product: OSNEXUS QuantaStor version 6.0.0.355 and otehrs

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4406

NVD References: 

- https://csirt.divd.nl/CVE-2021-4406

- https://www.divd.nl/DIVD-2021-00020

- https://www.osnexus.com/products/software-defined-storage




CVE-2023-2046 - Yontem Informatics Vehicle Tracking System before 8 is vulnerable to SQL Injection.

Product: Yontem Informatics Vehicle Tracking System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2046

NVD References: https://www.usom.gov.tr/bildirim/tr-23-0389




CVE-2023-2852 - Softmed SelfPatron before 2.0 allows SQL Injection.

Product: Softmed SelfPatron

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2852

NVD References: https://www.usom.gov.tr/bildirim/tr-23-0388




CVE-2023-32250 - The Linux kernel's ksmbd is vulnerable to code execution due to a lack of proper locking in the processing of SMB2_SESSION_SETUP commands.

Product: Linux kernel

Product: ksmbd 

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32250

NVD References: 

- https://access.redhat.com/security/cve/CVE-2023-32250

- https://bugzilla.redhat.com/show_bug.cgi?id=2208849

- https://www.zerodayinitiative.com/advisories/ZDI-23-698/




CVE-2023-32254 - The Linux kernel's ksmbd is vulnerable to code execution due to improper locking during SMB2_TREE_DISCONNECT command processing. Product: Linux kernel's ksmbd

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32254

NVD References: 

- https://access.redhat.com/security/cve/CVE-2023-32254

- https://bugzilla.redhat.com/show_bug.cgi?id=2191658

- https://www.zerodayinitiative.com/advisories/ZDI-23-702/




CVE-2023-3045 - Tise Technology Parking Web Report before 2.1 allows SQL Injection.

Product: Tise Technology Parking Web Report

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3045

NVD References: https://www.usom.gov.tr/bildirim/tr-23-0387




CVE-2023-37277 - XWiki Platform allows cross-site request forgery (CSRF) attacks through its REST API, enabling remote code execution and impacting the integrity, availability, and confidentiality of the system.

Product: XWiki Platform

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37277

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/4c175405faa0e62437df397811c7526dfc0fbae7

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-6xxr-648m-gch6

- https://jira.xwiki.org/browse/XWIKI-20135




CVE-2023-34347 - Delta Electronics InfraSuite Device Master versions prior to 1.0.7 allows remote code execution through unserialized classes.

Product: Delta Electronics InfraSuite Device Master

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34347

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01




CVE-2023-24489 - Customer-managed ShareFile storage zones controller is susceptible to remote compromise by an unauthenticated attacker.

Product: ShareFile storage zones controller 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24489

NVD References: https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489




CVE-2023-36922 - SAP NetWeaver ABAP (IS-OIL) versions 600-806 allow an authenticated attacker to inject arbitrary operating system commands, resulting in unauthorized access and potential system shutdown.

Product: SAP NetWeaver ABAP

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36922

NVD References: 

- https://me.sap.com/notes/3350297

- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html




CVE-2023-31191 - The DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection, allowing an attacker to inject high power spoofed ODID messages to force the receiver to drop real RID information and transmit crafted RID information instead, compromising the access to drones’ real RID information.

Product: BlueMark Innovations DroneScout ds230

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-31191

NVD References: 

- https://download.bluemark.io/dronescout/firmware/history.txt

- https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-31191/




CVE-2023-29130 - SIMATIC CN 4100 (All versions < V2.5) suffers from improper access controls in configuration files, allowing attackers to escalate privileges and gain admin access for complete device control.

Product: SIMATIC CN 4100

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29130

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf




CVE-2023-36750 - The RUGGEDCOM ROX series (All versions < V2.16.0) is vulnerable to command injection through the software-upgrade Url parameter, allowing authenticated attackers to execute arbitrary code with root privileges.

Product: Siemens RUGGEDCOM ROX MX5000RE

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36750

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf




CVE-2023-36751 - The affected RUGGEDCOM ROX series devices are vulnerable to command injection through the install-app URL parameter, potentially enabling an authenticated remote attacker to execute arbitrary code with root privileges.

Product: Siemens RUGGEDCOM ROX

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36751

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf




CVE-2023-36752 -  The RUGGEDCOM ROX MX5000, RUGGEDCOM ROX MX5000RE, RUGGEDCOM ROX RX1400, RUGGEDCOM ROX RX1500, RUGGEDCOM ROX RX1501, RUGGEDCOM ROX RX1510, RUGGEDCOM ROX RX1511, RUGGEDCOM ROX RX1512, RUGGEDCOM ROX RX1524, RUGGEDCOM ROX RX1536, and RUGGEDCOM ROX RX5000 products are vulnerable to command injection through the upgrade-app URL parameter, allowing an attacker to execute arbitrary code with root privileges.

Product: Siemens RUGGEDCOM

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36752

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf




CVE-2023-36753 - The RUGGEDCOM ROX MX5000, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000 devices are vulnerable to command injection via the uninstall-app App-name parameter in the web interface, potentially allowing a privileged remote attacker to execute arbitrary code with root privileges.

Product: Siemens RUGGEDCOM ROX

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36753

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf




CVE-2023-36754 - The RUGGEDCOM ROX products are vulnerable to command injection in the web interface's SCEP server configuration URL parameter, enabling authenticated remote attackers to execute arbitrary code with root privileges.

Product: Siemens RUGGEDCOM

product name: ROX MX5000 

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36754

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf




CVE-2023-36755 - The affected RUGGEDCOM ROX MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000 products are vulnerable to command injection via the SCEP CA Certificate Name parameter in the web interface, enabling attackers to execute arbitrary code.

Product: Siemens RUGGEDCOM

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36755

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf




CVE-2023-2746 - The Rockwell Automation Enhanced HIM software is vulnerable to a CSRF attack due to insufficient protection of its API and incorrect CORS settings, potentially leading to sensitive information disclosure and remote access.

Product: Rockwell Automation Enhanced HIM software

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2746

NVD References: https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139760




CVE-2023-21526 - Windows Netlogon Information Disclosure Vulnerability

Product: Microsoft Windows

CVSS Score: 7.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21526

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21526




CVE-2023-21756 - Windows Win32k Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21756

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21756




CVE-2023-29347 - Windows Admin Center Spoofing Vulnerability

Product: Microsoft Windows Admin Center

CVSS Score: 8.7

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29347

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29347




CVE-2023-32038 - Microsoft ODBC Driver Remote Code Execution Vulnerability

Product: Microsoft ODBC Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32038

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32038




CVE-2023-32044, CVE-2023-32045 - Microsoft Message Queuing Denial of Service Vulnerabilities

Product: Microsoft Message Queuing

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32044

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32045

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32044

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32045




CVE-2023-32047 - Paint 3D Remote Code Execution Vulnerability

Product: Microsoft Paint 3D

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32047

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32047




CVE-2023-32050 - Windows Installer Elevation of Privilege Vulnerability

Product: Microsoft  Windows Installer

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32050

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050




CVE-2023-32051 - Raw Image Extension Remote Code Execution Vulnerability

Product: Microsoft Raw Image Extension

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32051

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32051




CVE-2023-32053 - Windows Installer Elevation of Privilege Vulnerability

Product: Microsoft Windows Installer

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32053

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32053




CVE-2023-32054 - Volume Shadow Copy Elevation of Privilege Vulnerability

Product: Microsoft Volume Shadow Copy

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32054

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32054




CVE-2023-32056 - Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Product: Microsoft Windows Server Update Service (WSUS)

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32056

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32056




CVE-2023-32084 -  HTTP.sys Denial of Service Vulnerability

Product: Microsoft HTTP.sys

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32084

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32084




CVE-2023-33127 - .NET and Visual Studio Elevation of Privilege Vulnerability

Product: Microsoft .NET and Visual Studio

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33127

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127




CVE-2023-33134 - Microsoft SharePoint Server Remote Code Execution Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33134

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33134




CVE-2023-33148 - Microsoft Office Elevation of Privilege Vulnerability

Product: Microsoft Office

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33148

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33148




CVE-2023-33149 - Microsoft Office Graphics Remote Code Execution Vulnerability

Product: Microsoft Office

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33149

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33149




CVE-2023-33152 - Microsoft ActiveX Remote Code Execution Vulnerability

Product: Microsoft ActiveX

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33152

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33152




CVE-2023-33154 - Windows Partition Management Driver Elevation of Privilege Vulnerability

Product: Microsoft Windows Partition Management Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33154

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33154




CVE-2023-33155 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Product: Microsoft Windows Cloud Files Mini Filter Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33155

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33155




CVE-2023-33157 - Microsoft SharePoint Remote Code Execution Vulnerability

Product: Microsoft SharePoint

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33157

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33157




CVE-2023-33160 - Microsoft SharePoint Server Remote Code Execution Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33160

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33160




CVE-2023-33159 - Microsoft SharePoint Server Spoofing Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33159

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33159




CVE-2023-33158 - Microsoft Excel Remote Code Execution Vulnerability

Product: Microsoft Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33158

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33158




CVE-2023-33161 - Microsoft Excel Remote Code Execution Vulnerability

Product: Microsoft Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33161

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33161




CVE-2023-33163 - Windows Network Load Balancing Remote Code Execution Vulnerability

Product: Microsoft Windows Network Load Balancing

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33163

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33163




CVE-2023-33170 - ASP.NET and Visual Studio Security Feature Bypass Vulnerability

Product: Microsoft ASP.NET and Visual Studio

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33170

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170




CVE-2023-33171 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Product: Microsoft Dynamics 365

CVSS Score: 8.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33171

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33171




CVE-2023-35297 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Product: Microsoft Windows

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35297

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35297




CVE-2023-35298 - HTTP.sys Denial of Service Vulnerability

Product: Microsoft HTTP.sys

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35298

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35298




CVE-2023-35299 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

Product: Microsoft Windows Common Log File System Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35299

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35299




CVE-2023-35300 - Remote Procedure Call Runtime Remote Code Execution Vulnerability

Product: Microsoft Windows Operating System

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35300

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35300




CVE-2023-35302 - Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35302

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35302




CVE-2023-35303 - USB Audio Class System Driver Remote Code Execution Vulnerability

Product: Not enough information is provided in the given vulnerability description to determine the vendor and product names. 

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35303

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35303




CVE-2023-35304, CVE-2023-35305 - Windows Kernel Elevation of Privilege Vulnerabilities

Product: Microsoft Windows Kernel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35304

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35305

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35304

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35305




CVE-2023-35312 - Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability

Product: Microsoft VOLSNAP.SYS

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35312

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312




CVE-2023-35313 - Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability

Product: Microsoft Windows Online Certificate Status Protocol (OCSP) SnapIn

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35313

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35313




CVE-2023-35315 - Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability

Product: Microsoft  Windows Layer-2 Bridge Network Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35315

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35315




CVE-2023-35317 - Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Product: Microsoft Windows Server Update Service (WSUS)

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35317

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35317




CVE-2023-35320 - Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Product: Microsoft Connected User Experiences and Telemetry

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35320

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35320




CVE-2023-35322 - Windows Deployment Services Remote Code Execution Vulnerability

Product: Microsoft Windows Deployment Services

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35322

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35322




CVE-2023-35323 - Windows OLE Remote Code Execution Vulnerability

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35323

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35323




CVE-2023-35325 - Windows Print Spooler Information Disclosure Vulnerability

Product: Microsoft Windows Print Spooler

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35325

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35325




CVE-2023-35328 - Windows Transaction Manager Elevation of Privilege Vulnerability

Product: Microsoft Windows Transaction Manager

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35328

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35328




CVE-2023-35330 - Windows Extended Negotiation Denial of Service Vulnerability

Product: Microsoft Windows

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35330

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35330




CVE-2023-35333 - MediaWiki PandocUpload Extension Remote Code Execution Vulnerability

Product: MediaWiki PandocUpload Extension

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35333

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35333

 



CVE-2023-35335 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Product: Microsoft Dynamics 365

CVSS Score: 8.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35335

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35335




CVE-2023-35337 - Win32k Elevation of Privilege Vulnerability

Product: Microsoft Win32k

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35337

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35337




CVE-2023-35338 - Windows Peer Name Resolution Protocol Denial of Service Vulnerability

Product: Microsoft Windows Peer Name Resolution Protocol

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35338

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35338




CVE-2023-35339 - Windows CryptoAPI  Denial of Service Vulnerability

Product: Microsoft Windows CryptoAPI

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35339

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35339




CVE-2023-35340 - Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

Product: Microsoft Windows CNG Key Isolation Service

CVSS Score: 7.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35340

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35340




CVE-2023-35342 - Windows Image Acquisition Elevation of Privilege Vulnerability

Product: Microsoft Windows Image Acquisition

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35342

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35342




CVE-2023-35343 - Windows Geolocation Service Remote Code Execution Vulnerability

Product: Microsoft Windows Geolocation Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35343

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35343




CVE-2023-35347 - Microsoft Install Service Elevation of Privilege Vulnerability

Product: Microsoft Install Service

CVSS Score: 7.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35347

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35347




CVE-2023-35350 - Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability

Product: Microsoft  Windows Active Directory Certificate Services (AD CS)

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35350

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35350




CVE-2023-35352 - Windows Remote Desktop Security Feature Bypass Vulnerability

Product: Microsoft Windows Remote Desktop

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35352

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35352




CVE-2023-35358, CVE-2023-35360, CVE-2023-35361, CVE-2023-35363, CVE-2023-35364 - Windows Kernel Elevation of Privilege Vulnerabilities

Product: Microsoft Windows Kernel

CVSS Score: 7.0 - 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35356

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35357

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35358

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35360

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35361

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35363

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35364

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35356

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35357

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35358

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35360

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35361

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35363

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35364




CVE-2023-35362 - Windows Clip Service Elevation of Privilege Vulnerability

Product: Microsoft Windows Clip Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35362

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35362




CVE-2023-35374 - Paint 3D Remote Code Execution Vulnerability

Product: Microsoft Paint 3D

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35374

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35374




CVE-2023-36825 - Decidim is vulnerable to remote code execution due to a deserialization issue in the `_state` query parameter, fixed in version `14.5.0` and later.

Product: No vendor name or product name is mentioned in the given vulnerability description. 

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36825

NVD References: 

- https://github.com/orchidsoftware/platform/releases/tag/14.5.0

- https://github.com/orchidsoftware/platform/security/advisories/GHSA-ph6g-p72v-pc3p




CVE-2023-36867 - Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability

Product: Visual Studio Code GitHub Pull Requests and Issues Extension

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36867

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36867




CVE-2023-24492 - Citrix Secure Access client for Ubuntu is vulnerable to remote code execution through an attacker-crafted link if a user accepts malicious prompts.

Product: Citrix Secure Access

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24492

NVD References: https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492




CVE-2023-32033 - Microsoft Failover Cluster Remote Code Execution Vulnerability

Product: Microsoft Failover Cluster

CVSS Score: 6.6 AtRiskScore 25

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32033

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32033




CVE-2023-32034, CVE-2023-32035 - Remote Procedure Call Runtime Denial of Service Vulnerabilities

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32034

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32035

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32034

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32035




CVE-2023-32037 - Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability

Product: Microsoft Windows Layer-2 Bridge Network Driver

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32037

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32037




CVE-2023-32039 - Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32039

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32039




CVE-2023-32040 - Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32040

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32040




CVE-2023-32041 - Windows Update Orchestrator Service Information Disclosure Vulnerability

Product: Microsoft Windows Update Orchestrator

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32041

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32041




CVE-2023-32042 - OLE Automation Information Disclosure Vulnerability

Product: Microsoft OLE Automation

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32042

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32042




CVE-2023-32043 - Windows Remote Desktop Security Feature Bypass Vulnerability

Product: Microsoft Windows Remote Desktop 

CVSS Score: 6.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32043

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32043




CVE-2023-32052 - Microsoft Power Apps (online) Spoofing Vulnerability

Product: Microsoft Power Apps

CVSS Score: 5.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32052

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32052




CVE-2023-32055 - Active Template Library Elevation of Privilege Vulnerability

Product: Active Template Library Elevation of Privilege

CVSS Score: 6.7

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32055

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32055




CVE-2023-32083 - Microsoft Failover Cluster Information Disclosure Vulnerability

Product: Microsoft Failover Cluster

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32083

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32083




CVE-2023-32085 - Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32085

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32085




CVE-2023-33151 - Microsoft Outlook Spoofing Vulnerability

Product: Microsoft Outlook

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33151

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33151




CVE-2023-33153 - Microsoft Outlook Remote Code Execution Vulnerability

Product: Microsoft Outlook

CVSS Score: 6.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33153

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33153




CVE-2023-33156 - Microsoft Defender Elevation of Privilege Vulnerability

Product: Microsoft Defender

CVSS Score: 6.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33156

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33156




CVE-2023-33162 - Microsoft Excel Information Disclosure Vulnerability

Product: Microsoft Excel

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33162

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33162




CVE-2023-33164 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33164

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33164




CVE-2023-33165 - Microsoft SharePoint Server Security Feature Bypass Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 4.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33165

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33165




CVE-2023-33166 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33166

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33166




CVE-2023-33167 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft  Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33167

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33167




CVE-2023-33168 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33168

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33168




CVE-2023-33169 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33169

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33169




CVE-2023-33172 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33172

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33172




CVE-2023-33173 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33173

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33173




CVE-2023-33174 - Windows Cryptographic Information Disclosure Vulnerability

Product: Microsoft Windows

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33174

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33174




CVE-2023-35296 - Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35296

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35296




CVE-2023-35306 - Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35306

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35306




CVE-2023-35308 - Windows MSHTML Platform Security Feature Bypass Vulnerability

Product: Microsoft Windows MSHTML Platform

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35308

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35308




CVE-2023-35310 - Windows DNS Server Remote Code Execution Vulnerability

Product: Microsoft Windows DNS Server

CVSS Score: 6.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35310

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35310




CVE-2023-35314 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35314

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35314




CVE-2023-35316 - Remote Procedure Call Runtime Information Disclosure Vulnerability

Product: Microsoft Remote Procedure Call

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35316

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35316




CVE-2023-35318 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft  Remote Procedure Call (RPC) runtime

CVSS Score: 6.5 AtRiskScore 25

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35318

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35318




CVE-2023-35319 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35319

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35319

 



CVE-2023-35321 - Windows Deployment Services Denial of Service Vulnerability

Product: Microsoft  Windows Deployment Services

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35321

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35321




CVE-2023-35324 - Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Product: Microsoft PostScript and PCL6 Class Printer Driver

CVSS Score: 5.5 AtRiskScore 25

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35324

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35324




CVE-2023-35326 - Windows CDP User Components Information Disclosure Vulnerability

Product: Windows CDP User Components

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35326

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35326




CVE-2023-35329 - Windows Authentication Denial of Service Vulnerability

Product: Microsoft Windows Authentication

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35329

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35329




CVE-2023-35331 - Windows Local Security Authority (LSA) Denial of Service Vulnerability

Product: Microsoft Windows Local Security Authority (LSA)

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35331

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35331




CVE-2023-35332 - Windows Remote Desktop Protocol Security Feature Bypass

Product: Microsoft Windows Remote Desktop Protocol

CVSS Score: 6.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35332

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35332




CVE-2023-35336 - Windows MSHTML Platform Security Feature Bypass Vulnerability

Product: Microsoft Windows MSHTML Platform

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35336

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35336




CVE-2023-35341 - Microsoft DirectMusic Information Disclosure Vulnerability

Product: Microsoft DirectMusic

CVSS Score: 6.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35341

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35341




CVE-2023-35344 - Windows DNS Server Remote Code Execution Vulnerability

Product: Microsoft Windows DNS Server

CVSS Score: 6.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35344

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35344




CVE-2023-35345 - Windows DNS Server Remote Code Execution Vulnerability

Product: Microsoft Windows DNS Server

CVSS Score: 6.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35345

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35345

 



CVE-2023-35346 - Windows DNS Server Remote Code Execution Vulnerability

Product: Microsoft Windows DNS Server

CVSS Score: 6.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35346

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35346




CVE-2023-35351 - Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability

Product: Microsoft Windows Active Directory Certificate Services (AD CS)

CVSS Score: 6.6 AtRiskScore 25

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35351

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35351




CVE-2023-35373 - Mono Authenticode Validation Spoofing Vulnerability

Product: Mono Authenticode

CVSS Score: 5.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35373

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35373




CVE-2023-36868 - Azure Service Fabric on Windows Information Disclosure Vulnerability

Product: Microsoft Azure Service Fabric

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36868

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36868




CVE-2023-36871 - Azure Active Directory Security Feature Bypass Vulnerability

Product: Microsoft Azure Active Directory

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36871

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36871




CVE-2023-36872 - VP9 Video Extensions Information Disclosure Vulnerability

Product: No vendor or product name is mentioned in the given vulnerability description. 

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36872

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36872




CVE-2023-35348 - Active Directory Federation Service Security Feature Bypass Vulnerability

Product: Microsoft Active Directory Federation Service

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35348

ISC Diary: https://isc.sans.edu/diary/30018

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35348




Manual Review Needed: CVE: CVE-2017-11882