Reference |
Description |
Vulnerability Impact |
Vendor Severity |
CVSS Score |
Weaponized |
Publicly Aware |
Exploitability Assessment |
Additional Details |
CVE-2023-28252 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
Yes |
No |
Exploitation Detected |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-21554 |
Microsoft Message Queuing Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
9.8 |
No |
No |
Exploitation More Likely |
|
CVE-2023-28250 |
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
9.8 |
No |
No |
Exploitation Less Likely |
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:
The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel.
You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine. |
CVE-2023-28231 |
DHCP Server Service Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
8.8 |
No |
No |
Exploitation More Likely |
|
CVE-2023-28240 |
Windows Network Load Balancing Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
8.8 |
No |
No |
Exploitation Less Likely |
A workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. The following workaround might be helpful in your situation:
Migrate from Network Load Balancing to Software Load Balancing. |
CVE-2023-28291 |
Raw Image Extension Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
8.4 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28219 |
Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
8.1 |
No |
No |
Exploitation More Likely |
|
CVE-2023-28220 |
Layer 2 Tunnelling Protocol Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
8.1 |
No |
No |
Exploitation More Likely |
|
CVE-2023-28232 |
Windows Point-to-Point Tunnelling Protocol Remote Code Execution Vulnerability |
Remote Code Execution |
Critical |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-21727 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. |
CVE-2023-24884 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24885 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24886 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24887 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24925 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24926 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24927 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24928 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-24929 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-28243 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-28275 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28297 |
Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
8.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28296 |
Visual Studio Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
8.4 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28221 |
Windows Error Reporting Service Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
8.1 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28244 |
Windows Kerberos Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
8.1 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28268 |
Netlogon RPC Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
8.1 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-23375 |
Microsoft SQL Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-24893 |
Visual Studio Code Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-24912 |
Windows Graphics Component Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation More Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-24924 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. |
CVE-2023-28225 |
Windows NTLM Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. |
CVE-2023-28236 |
Windows Kernel Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28237 |
Windows Kernel Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28246 |
Windows Registry Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. |
CVE-2023-28248 |
Windows Kernel Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. |
CVE-2023-28260 |
.NET DLL Hijacking Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28262 |
Visual Studio Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain administrator privileges. |
CVE-2023-28272 |
Windows Kernel Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28274 |
Windows Win32k Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation More Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28285 |
Microsoft Office Graphics Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28287 |
Microsoft Publisher Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28292 |
Raw Image Extension Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28293 |
Windows Kernel Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28295 |
Microsoft Publisher Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28304 |
Microsoft SQL Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28311 |
Microsoft Word Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28309 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
Spoofing |
Important |
7.6 |
No |
No |
Exploitation Less Likely |
Scope = Changed, Jump Point = True |
CVE-2023-21769 |
Microsoft Message Queuing Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-24860 |
Microsoft Defender Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-24931 |
Windows Secure Channel Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28217 |
Windows Network Address Translation (NAT) Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
Mitigation Available: This vulnerability is limited to attacker traffic inside the NAT firewall. An enterprise perimeter firewall can be used to mitigate this attack. A NAT firewall works by only allowing requested internet traffic to pass through the gateway. Internet routed network traffic cannot attack the Windows Network Address Translation Service for this vulnerability. |
CVE-2023-28227 |
Windows Bluetooth Driver Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.5 |
No |
No |
Exploitation More Likely |
|
CVE-2023-28233 |
Windows Secure Channel Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28234 |
Windows Secure Channel Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28238 |
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28241 |
Windows Secure Socket Tunnelling Protocol (SSTP) Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28247 |
Windows Network File System Information Disclosure Vulnerability |
Information Disclosure |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28300 |
Azure Service Connector Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28302 |
Microsoft Message Queuing Denial of Service Vulnerability |
Denial of Service |
Important |
7.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-23384 |
Microsoft SQL Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.3 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28254 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.2 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28222 |
Windows Kernel Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.1 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28224 |
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
7.1 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-24914 |
Win32k Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.0 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28216 |
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.0 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28218 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.0 |
No |
No |
Exploitation More Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28229 |
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.0 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. |
CVE-2023-28273 |
Windows Clip Service Elevation of Privilege Vulnerability |
Elevation of Privilege |
Important |
7.0 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
CVE-2023-28235 |
Windows Lock Screen Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
6.8 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could bypass the Windows Lock Screen security feature. |
CVE-2023-28269 |
Windows Boot Manager Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
6.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28270 |
Windows Lock Screen Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
6.8 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28223 |
Windows Domain Name Service Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28249 |
Windows Boot Manager Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28255 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28256 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28278 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28305 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28306 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28307 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28308 |
Windows DNS Server Remote Code Execution Vulnerability |
Remote Code Execution |
Important |
6.6 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-24883 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Information Disclosure |
Important |
6.5 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
CVE-2023-28267 |
Remote Desktop Protocol Client Information Disclosure Vulnerability |
Information Disclosure |
Important |
6.5 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
CVE-2023-28288 |
Microsoft SharePoint Server Spoofing Vulnerability |
Spoofing |
Important |
6.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28312 |
Azure Machine Learning Information Disclosure Vulnerability |
Information Disclosure |
Important |
6.5 |
No |
No |
Exploitation Less Likely |
An attacker who successfully exploited this vulnerability could access the system logs. |
CVE-2023-28313 |
Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability |
Spoofing |
Important |
6.1 |
No |
No |
Exploitation Less Likely |
Scope = Changed, Jump Point = True |
CVE-2023-28314 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
Spoofing |
Important |
6.1 |
No |
No |
Exploitation Less Likely |
Scope = Changed, Jump Point = True |
CVE-2023-28228 |
Windows Spoofing Vulnerability |
Spoofing |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28251 |
Windows Driver Revocation List Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28253 |
Windows Kernel Information Disclosure Vulnerability |
Information Disclosure |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28263 |
Visual Studio Information Disclosure Vulnerability |
Information Disclosure |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28266 |
Windows Common Log File System Driver Information Disclosure Vulnerability |
Information Disclosure |
Important |
5.5 |
No |
No |
Exploitation More Likely |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
CVE-2023-28271 |
Windows Kernel Memory Information Disclosure Vulnerability |
Information Disclosure |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28298 |
Windows Kernel Denial of Service Vulnerability |
Denial of Service |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28299 |
Visual Studio Spoofing Vulnerability |
Spoofing |
Important |
5.5 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28226 |
Windows Enrol Engine Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
5.3 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28277 |
Windows DNS Server Information Disclosure Vulnerability |
Information Disclosure |
Important |
4.9 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-28276 |
Windows Group Policy Security Feature Bypass Vulnerability |
Security Feature Bypass |
Important |
4.4 |
No |
No |
Exploitation Less Likely |
|
CVE-2023-21729 |
Remote Procedure Call Runtime Information Disclosure Vulnerability |
Information Disclosure |
Important |
4.3 |
No |
No |
Exploitation Less Likely |
Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. |