Microsoft patches this month include 12 Critical and 2 Weaponised Threats
There are 12 Critical and 92 Important fixes this month. Microsoft Windows and Windows Components, Exchange Server, Microsoft Office and Office Components, ASP.NET, Visual Studio, Azure, Microsoft Dynamics and Skype for Business have all received fixes this month.
Robert Brown, Head of Customer Success for Syxsense said, “We have 2 patches that resolve vulnerabilities which are Weaponised and both of those are Publicly Aware. If you count all the individual CVSS scores together, October has a combined CVSS score of 756.8 up from 434.3 last month, however the average CVSS score was 7.3 which almost matches last month’s median score even though there were double the updates were fixed.”
Based on the Vendor Severity & CVSS Score, we have made a few recommendations below. As usual we recommend our customers enter the CVE numbers below into your Patch Management solution and deploy as soon as testing is complete.
CVE-2023-36563 – Microsoft WordPad Information Disclosure Vulnerability
This is the same kind of vulnerability as CVE-2023-36761 which was fixed last month. Exploiting this vulnerability could allow the disclosure of NTLM hashes, and as this was found via the Microsoft Threat Intelligence teams, this is likely being used to ransomware attacks.
Note: The vulnerability is Weaponised and Publicly Aware
Syxscore
- Vendor Severity: Important
- CVSS: 6.5
- Weaponised: Yes
- Public Aware: Yes
- Countermeasure: No
Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope / Jump Point: Unchanged / No
CVE-2023-41763 – Skype for Business Elevation of Privilege Vulnerability
This vulnerability is one of four updates fixed for Skype for Business this month. Although this vulnerability impacts Skype for Business Server 2013 and 2019, we have already found several detections where customers have re-provisioned servers for other purposes once they migrated to Teams, making this a hidden and extremely serious vulnerability to identify and resolve. Simply turning this off leaves you at risk.
Note: The vulnerability is Weaponised and Publicly Aware
Syxscore
- Vendor Severity: Important
- CVSS: 5.3
- Weaponised: Yes
- Public Aware: Yes
- Countermeasure: No
Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope / Jump Point: Unchanged / No
CVE-2023-35349 – Microsoft Message Queuing Remote Code Execution Vulnerability
Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. NOTE: The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel.
Note: The vulnerability is one of two fixes with a CVSS score of 9.8
Syxscore
- Vendor Severity: Critical
- CVSS: 9.8
- Weaponised: No
- Public Aware: No
- Countermeasure: Yes
Risk
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope / Jump Point: Unchanged / No
| Reference | Description | Severity | CVSS Score | Weaponised | Publicly Disclosed | Impact | Exploitability Assessment | Additional Details | Impact |
| CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability | Important | 6.5 | Yes | Yes | Information Disclosure | Exploitation Detected | Exploiting this vulnerability could allow the disclosure of NTLM hashes. | Information Disclosure |
| CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability | Important | 5.3 | Yes | Yes | Elevation of Privilege | Exploitation Detected | Elevation of Privilege | |
| CVE-2023-35349 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical | 9.8 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server.
The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. |
Remote Code Execution |
| CVE-2023-36434 | Windows IIS Server Elevation of Privilege Vulnerability | Important | 9.8 | No | No | Security Feature Bypass | Exploitation Less Likely | The attacker would be able to login as another user successfully.
In a network-based attack, an attacker could brute force user account passwords to log in as that user. Microsoft encourages the use of strong passwords that are more difficult for an attacker to brute force. |
Remote Code Execution |
| CVE-2023-36414 | Azure Identity SDK Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.
An attacker could then exploit an integer overflow vulnerability that results in arbitrary heap writes, which could be used to perform arbitrary code execution. |
Elevation of Privilege |
| CVE-2023-36415 | Azure Identity SDK Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call. | Remote Code Execution |
| CVE-2023-36419 | Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability | Important | 8.8 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain cluster administrator privileges. | Remote Code Execution |
| CVE-2023-36577 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36569 | Microsoft Office Elevation of Privilege Vulnerability | Important | 8.4 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Remote Code Execution |
| CVE-2023-38166 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Spoofing | |
| CVE-2023-41765 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Not a Vulnerability | |
| CVE-2023-41767 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-41768 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-41769 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-41770 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-41771 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-41773 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-41774 | Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | Remote Code Execution | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.0 | No | No | Remote Code Execution | Exploitation More Likely | Information Disclosure | |
| CVE-2023-36718 | Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability | Critical | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Scope = Changed, Jump Point = True
Successful exploitation of this vulnerability would rely upon complex memory shaping techniques to attempt an attack. |
Remote Code Execution |
| CVE-2023-36417 | Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36418 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36436 | Windows MSHTML Platform Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | An attacker could successfully exploit this vulnerability by invoking the PrintHTML API from a locally running application (or by tricking a user into doing so) which could allow the attacker to launch an app via application protocols without prompting the user. | Remote Code Execution |
| CVE-2023-36557 | PrintHTML API Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | An attacker could successfully exploit this vulnerability by invoking the PrintHTML API from a locally running application (or by tricking a user into doing so) which could allow the attacker to launch an app via application protocols without prompting the user. | Remote Code Execution |
| CVE-2023-36593 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | Remote Code Execution |
| CVE-2023-36594 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Remote Code Execution |
| CVE-2023-36598 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36701 | Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36702 | Microsoft DirectMusic Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36703 | DHCP Server Service Denial of Service Vulnerability | Important | 7.8 | No | No | Denial of Service | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36704 | Windows Setup Files Cleanup Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36710 | Windows Media Foundation Core Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36711 | Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could create or delete files in the security context of the “NT AUTHORITY\ LOCAL SERVICE” account. | Elevation of Privilege |
| CVE-2023-36712 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. | Elevation of Privilege |
| CVE-2023-36723 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. | Elevation of Privilege |
| CVE-2023-36725 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36726 | Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. | Security Feature Bypass |
| CVE-2023-36729 | Named Pipe File System Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Spoofing |
| CVE-2023-36730 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the client receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client. | Spoofing |
| CVE-2023-36731 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Spoofing |
| CVE-2023-36732 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege |
| CVE-2023-36737 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36743 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Denial of Service |
| CVE-2023-36785 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via ODBC, which could result in the client receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client. | Denial of Service |
| CVE-2023-36790 | Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Remote Code Execution |
| CVE-2023-41766 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36431 | Microsoft Message Queuing Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36435 | Microsoft QUIC Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Elevation of Privilege | |
| CVE-2023-36438 | Windows TCP/IP Information Disclosure Vulnerability | Important | 7.5 | No | No | Information Disclosure | Exploitation Less Likely | The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the unencrypted contents of IPsec packets from other sessions on a server. | Denial of Service |
| CVE-2023-36567 | Windows Deployment Services Information Disclosure Vulnerability | Important | 7.5 | No | No | Information Disclosure | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. | Denial of Service |
| CVE-2023-36579 | Microsoft Message Queuing Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36581 | Microsoft Message Queuing Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36585 | Active Template Library Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36602 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36603 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36606 | Microsoft Message Queuing Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Information Disclosure | |
| CVE-2023-36709 | Microsoft AllJoyn API Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Remote Code Execution | |
| CVE-2023-36720 | Windows Mixed Reality Developer Tools Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Security Feature Bypass | |
| CVE-2023-38171 | Microsoft QUIC Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | Spoofing | |
| CVE-2023-36605 | Windows Named Pipe Filesystem Elevation of Privilege Vulnerability | Important | 7.4 | No | No | Elevation of Privilege | Exploitation Less Likely | ||
| CVE-2023-36420 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-36561 | Azure DevOps Server Elevation of Privilege Vulnerability | Important | 7.3 | No | No | Elevation of Privilege | Exploitation Less Likely | The attacker would gain access to the secrets of the user of the affected application. | |
| CVE-2023-36570 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36571 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36572 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36573 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36574 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36575 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36578 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36582 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-36583 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36589 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36590 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36591 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36592 | Microsoft Message Queuing Remote Code Execution Vulnerability | Important | 7.3 | No | No | Remote Code Execution | Exploitation Less Likely | Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it run as a malicious server. | |
| CVE-2023-36780 | Skype for Business Remote Code Execution Vulnerability | Important | 7.2 | No | No | Remote Code Execution | Exploitation More Likely | ||
| CVE-2023-36786 | Skype for Business Remote Code Execution Vulnerability | Important | 7.2 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-36789 | Skype for Business Remote Code Execution Vulnerability | Important | 7.2 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-36565 | Microsoft Office Graphics Elevation of Privilege Vulnerability | Important | 7.0 | No | No | Remote Code Execution | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain administrator privileges. | |
| CVE-2023-36568 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Important | 7.0 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain administrator privileges. | |
| CVE-2023-36721 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important | 7.0 | No | No | Elevation of Privilege | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | |
| CVE-2023-36776 | Win32k Elevation of Privilege Vulnerability | Important | 7.0 | No | No | Elevation of Privilege | Exploitation More Likely | A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver. | |
| CVE-2023-36902 | Windows Runtime Remote Code Execution Vulnerability | Important | 7.0 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-38159 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.0 | No | No | Elevation of Privilege | Exploitation More Likely | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | |
| CVE-2023-36697 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical | 6.8 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-29348 | Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | Important | 6.5 | No | No | Information Disclosure | Exploitation Less Likely | The type of information that could be disclosed if an attacker successfully exploited this vulnerability is remote heap memory. | |
| CVE-2023-36429 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important | 6.5 | No | No | Information Disclosure | Exploitation Less Likely | ||
| CVE-2023-36433 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Important | 6.5 | No | No | Remote Code Execution | Exploitation Less Likely | ||
| CVE-2023-36564 | Windows Search Security Feature Bypass Vulnerability | Important | 6.5 | No | No | Security Feature Bypass | Exploitation Less Likely | A security feature bypass vulnerability exists when MapUrlToZone fails to correctly handle certain paths. This could allow an attacker to plant files without Mark-of-the-Web (MotW). | |
| CVE-2023-36566 | Microsoft Common Data Model SDK Denial of Service Vulnerability | Important | 6.5 | No | No | Denial of Service | Exploitation Less Likely | Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. | |
| CVE-2023-36596 | Remote Procedure Call Information Disclosure Vulnerability | Important | 6.5 | No | No | Information Disclosure | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. | |
| CVE-2023-36706 | Windows Deployment Services Information Disclosure Vulnerability | Important | 6.5 | No | No | Information Disclosure | Exploitation Less Likely | An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. | |
| CVE-2023-36707 | Windows Deployment Services Denial of Service Vulnerability | Important | 6.5 | No | No | Denial of Service | Exploitation Less Likely | ||
| CVE-2023-36717 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Important | 6.5 | No | No | Denial of Service | Exploitation Less Likely | Scope = Changes, Jump Point = True
Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. |
|
| CVE-2023-36416 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | 6.1 | No | No | Spoofing | Exploitation Less Likely | Scope = Changed, Jump Point = True
The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine. |
|
| CVE-2023-36576 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | Information Disclosure | Exploitation Less Likely | The type of information that could be disclosed if an attacker successfully exploited this vulnerability is device information like resource ids, Sas tokens, user properties, and other sensitive information. | |
| CVE-2023-36700 | Microsoft Defender Security Feature Bypass Vulnerability | Important | 5.5 | No | No | Security Feature Bypass | Exploitation Less Likely | ||
| CVE-2023-36713 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | Information Disclosure | Exploitation More Likely | An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. | |
| CVE-2023-36724 | Windows Power Management Service Information Disclosure Vulnerability | Important | 5.5 | No | No | Information Disclosure | Exploitation Less Likely | ||
| CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability | Important | 5.5 | No | No | Denial of Service | Exploitation Less Likely | ||
| CVE-2023-36584 | Windows Mark of the Web Security Feature Bypass Vulnerability | Important | 5.4 | No | No | Security Feature Bypass | Exploitation Less Likely | ||
| CVE-2023-36722 | Active Directory Domain Services Information Disclosure Vulnerability | Important | 4.4 | No | No | Information Disclosure | Exploitation Less Likely | Successful exploitation of this vulnerability requires an attacker to have specific privileges and to use a brute force method to discover an attribute. | |
| CVE-2023-36698 | Windows Kernel Security Feature Bypass Vulnerability | Important | 3.6 | No | No | Security Feature Bypass | Exploitation Less Likely | ||
| CVE-2023-41772 | Win32k Elevation of Privilege Vulnerability | Important | NA | No | No | Elevation of Privilege | Exploitation More Likely |
