Microsoft releases 69 fixes this month including 6 Critical and 4 CVSS Rated 9.8
There are 6 Critical, 60 Important, 2 Moderate and a single Low severity fix this month. Microsoft Windows, Windows Components, Office and Office Components, Exchange Server, Microsoft Edge (Chromium-based), SharePoint Server, .NET and Visual Studio, Microsoft Teams and the Remote Desktop Client have all received fixes this month.
Robert Brown, Head of Customer Success for Syxsense said, “We have 4 patches that resolve vulnerabilities which have a CVSS score of more than 9 (Critical) and if you count all the individual CVSS scores together, June has a combined CVSS score of 500.2 up from 275.3 last month.”
Based on the Vendor Severity & CVSS Score, we have made a few recommendations below. As usual we recommend our customers enter the CVE numbers below into your Patch Management solution and deploy as soon as testing is complete.
CVE-2023-29357 – Microsoft SharePoint Server Elevation of Privilege Vulnerability
An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user.
Note: The vulnerability is More Likely to be Exploited
Syxscore
- Vendor Severity: Critical
- CVSS: 9.8
- Weaponized: No
- Public Aware: No
- Countermeasure: Yes
Syxscore Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges: None
- User Interaction: None
- Scope (Jump Point): Unchanged / No
CVE-2023-29363 – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.
- Vendor Severity: Critical
- CVSS: 9.8
- Weaponized: No
- Public Aware: No
- Countermeasure: Yes
Syxscore Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges: None
- User Interaction: None
- Scope (Jump Point): Unchanged / No
CVE-2023-32009 – Windows Collaborative Translation Framework Elevation of Privilege Vulnerability
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
- Vendor Severity: Important
- CVSS: 8.8
- Weaponized: No
- Public Aware: No
- Countermeasure: No
Syxscore Risk
- Attack Vector: Local
- Attack Complexity: Low
- Privileges: Low
- User Interaction: None
- Scope (Jump Point): Changed / Yes
| Reference | Description | Vendor Severity | CVSS Score | Weaponized | Publicly Aware | Countermeasure | Additional Details | Impact | Exploitability Assessment |
| CVE-2023-29357 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Critical | 9.8 | No | No | Customers who have enabled the AMSI integration feature and use Microsoft Defender across their SharePoint Server farm(s) are protected from this vulnerability. | Elevation of Privilege | Exploitation More Likely | |
| CVE-2023-29363 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | None | The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. | Remote Code Execution | Exploitation Less Likely |
| CVE-2023-32014 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | None | The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. | Remote Code Execution | Exploitation Less Likely |
| CVE-2023-32015 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | None | The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. | Remote Code Execution | Exploitation Less Likely |
| CVE-2023-29362 | Remote Desktop Client Remote Code Execution Vulnerability | Important | 8.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29372 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29373 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important | 8.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-32009 | Windows Collaborative Translation Framework Elevation of Privilege Vulnerability | Important | 8.8 | No | No | None | Scope: Changed Jump Point: True |
Elevation of Privilege | Exploitation Less Likely |
| CVE-2023-32031 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | None | Remote Code Execution | Exploitation More Likely | |
| CVE-2023-33131 | Microsoft Outlook Remote Code Execution Vulnerability | Important | 8.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29351 | Windows Group Policy Elevation of Privilege Vulnerability | Important | 8.1 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-24936 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Moderate | 8.1 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-28310 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.0 | No | No | None | Remote Code Execution | Exploitation More Likely | |
| CVE-2023-24897 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | Critical | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-24895 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29326 | .NET Framework Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29346 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | None | An attacker who successfully exploited this vulnerability could gain administrator privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2023-29358 | Windows GDI Elevation of Privilege Vulnerability | Important | 7.8 | No | No | None | Elevation of Privilege | Exploitation More Likely | |
| CVE-2023-29359 | GDI Elevation of Privilege Vulnerability | Important | 7.8 | No | No | None | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2023-29360 | Windows TPM Device Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | None | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2023-29365 | Windows Media Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29366 | Windows Geolocation Service Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29367 | iSCSI Target WMI Provider Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29370 | Windows Media Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-29371 | Windows GDI Elevation of Privilege Vulnerability | Important | 7.8 | No | No | None | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2023-32008 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-32017 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-32018 | Windows Hello Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-32029 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-33137 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-33146 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-32022 | Windows Server Service Security Feature Bypass Vulnerability | Important | 7.6 | No | No | None | Only AD-detached clusters are affected by this vulnerability. | Security Feature Bypass | Exploitation Less Likely |
| CVE-2023-29331 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | Important | 7.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-32011 | Windows iSCSI Discovery Service Denial of Service Vulnerability | Important | 7.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-32030 | .NET and Visual Studio Denial of Service Vulnerability | Important | 7.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-33141 | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | Important | 7.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-33126 | .NET and Visual Studio Remote Code Execution Vulnerability | Important | 7.3 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-33128 | .NET and Visual Studio Remote Code Execution Vulnerability | Important | 7.3 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-33130 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.3 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-33133 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.3 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-33135 | .NET and Visual Studio Elevation of Privilege Vulnerability | Important | 7.3 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-21565 | Azure DevOps Server Spoofing Vulnerability | Important | 7.1 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-29337 | NuGet Client Remote Code Execution Vulnerability | Important | 7.1 | No | No | None | Remote Code Execution | Exploitation Less Likely | |
| CVE-2023-32021 | Windows SMB Witness Service Security Feature Bypass Vulnerability | Important | 7.1 | No | No | None | Security Feature Bypass | Exploitation Less Likely | |
| CVE-2023-29361 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.0 | No | No | None | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2023-29364 | Windows Authentication Elevation of Privilege Vulnerability | Important | 7.0 | No | No | None | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2023-29368 | Windows Filtering Platform Elevation of Privilege Vulnerability | Important | 7.0 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-32010 | Windows Bus Filter Driver Elevation of Privilege Vulnerability | Important | 7.0 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-32013 | Windows Hyper-V Denial of Service Vulnerability | Critical | 6.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-24937 | Windows CryptoAPI Denial of Service Vulnerability | Important | 6.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-24938 | Windows CryptoAPI Denial of Service Vulnerability | Important | 6.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-29352 | Windows Remote Desktop Security Feature Bypass Vulnerability | Important | 6.5 | No | No | None | Security Feature Bypass | Exploitation Less Likely | |
| CVE-2023-29369 | Remote Procedure Call Runtime Denial of Service Vulnerability | Important | 6.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-32032 | .NET and Visual Studio Elevation of Privilege Vulnerability | Important | 6.5 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-33129 | Microsoft SharePoint Denial of Service Vulnerability | Important | 6.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-33140 | Microsoft OneNote Spoofing Vulnerability | Important | 6.5 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-33142 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Important | 6.5 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-32012 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 6.3 | No | No | None | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2023-33132 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 6.3 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-32016 | Windows Installer Information Disclosure Vulnerability | Important | 5.5 | No | No | None | Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. | Information Disclosure | Exploitation Less Likely |
| CVE-2023-33139 | Visual Studio Information Disclosure Vulnerability | Important | 5.5 | No | No | None | Information Disclosure | Exploitation Less Likely | |
| CVE-2023-21569 | Azure DevOps Server Spoofing Vulnerability | Moderate | 5.5 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-29353 | Sysinternals Process Monitor for Windows Denial of Service Vulnerability | Low | 5.5 | No | No | None | Denial of Service | Exploitation Less Likely | |
| CVE-2023-24896 | Dynamics Finance and Operations Cross-site Scripting Vulnerability | Important | 5.4 | No | No | None | Scope: Changed Jump Point: True |
Spoofing | Exploitation Less Likely |
| CVE-2023-29355 | DHCP Server Service Information Disclosure Vulnerability | Important | 5.3 | No | No | Customers who have not configured their DHCP server as a failover are not affected by this vulnerability. | Information Disclosure | Exploitation Less Likely | |
| CVE-2023-33144 | Visual Studio Code Spoofing Vulnerability | Important | 5.0 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-32019 | Windows Kernel Information Disclosure Vulnerability | Important | 4.7 | No | No | None | Information Disclosure | Exploitation Less Likely | |
| CVE-2023-32020 | Windows DNS Spoofing Vulnerability | Important | 3.7 | No | No | None | Spoofing | Exploitation Less Likely | |
| CVE-2023-32024 | Microsoft Power Apps Spoofing Vulnerability | Important | 3.0 | No | No | None | Spoofing | Exploitation Less Likely |
