Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by Tag CVE ID CVE Title
Microsoft.NET Framework CVE-2023-36049 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
MicrosoftASP.NET CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability
MicrosoftASP.NET CVE-2023-36038 ASP.NET Core Denial of Service Vulnerability
MicrosoftASP.NET CVE-2023-36558 ASP.NET Core - Security Feature Bypass Vulnerability
MicrosoftAzure CVE-2023-36052 Azure CLI REST Command Information Disclosure Vulnerability
MicrosoftAzure CVE-2023-38151 Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
MicrosoftAzure CVE-2023-36021 Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability
MicrosoftAzure DevOps CVE-2023-36437 Azure DevOps Server Remote Code Execution Vulnerability
secalert@redhat.comMariner CVE-2020-1747 Unknown
cve@mitre.orgMariner CVE-2023-46316 Unknown
cve@mitre.orgMariner CVE-2023-46753 Unknown
security@kubernetes.ioMariner CVE-2020-8554 Unknown
secalert@redhat.comMariner CVE-2020-14343 Unknown
MitreMicrosoft Bluetooth Driver CVE-2023-24023 Mitre: CVE-2023-24023 Bluetooth Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36016 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36007 Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36031 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36410 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MicrosoftMicrosoft Dynamics 365 Sales CVE-2023-36030 Microsoft Dynamics 365 Sales Spoofing Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36014 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5996 Chromium: CVE-2023-5996 Use after free in WebAudio
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36022 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36027 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36029 Microsoft Edge (Chromium-based) Spoofing Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5480 Chromium: CVE-2023-5480 Inappropriate implementation in Payments
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5856 Chromium: CVE-2023-5856 Use after free in Side Panel
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5855 Chromium: CVE-2023-5855 Use after free in Reading Mode
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5854 Chromium: CVE-2023-5854 Use after free in Profiles
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5859 Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5858 Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5857 Chromium: CVE-2023-5857 Inappropriate implementation in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5850 Chromium: CVE-2023-5850 Incorrect security UI in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5849 Chromium: CVE-2023-5849 Integer overflow in USB
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5482 Chromium: CVE-2023-5482 Insufficient data validation in USB
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5853 Chromium: CVE-2023-5853 Incorrect security UI in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5852 Chromium: CVE-2023-5852 Use after free in Printing
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5851 Chromium: CVE-2023-5851 Inappropriate implementation in Downloads
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36024 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36034 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36439 Microsoft Exchange Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36050 Microsoft Exchange Server Spoofing Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36039 Microsoft Exchange Server Spoofing Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36035 Microsoft Exchange Server Spoofing Vulnerability
MicrosoftMicrosoft Office CVE-2023-36413 Microsoft Office Security Feature Bypass Vulnerability
MicrosoftMicrosoft Office CVE-2023-36045 Microsoft Office Graphics Remote Code Execution Vulnerability
MicrosoftMicrosoft Office Excel CVE-2023-36041 Microsoft Excel Remote Code Execution Vulnerability
MicrosoftMicrosoft Office Excel CVE-2023-36037 Microsoft Excel Security Feature Bypass Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2023-38177 Microsoft SharePoint Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Remote Registry Service CVE-2023-36423 Microsoft Remote Registry Service Remote Code Execution Vulnerability
MicrosoftMicrosoft Remote Registry Service CVE-2023-36401 Microsoft Remote Registry Service Remote Code Execution Vulnerability
MicrosoftMicrosoft WDAC OLE DB provider for SQL CVE-2023-36402 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Windows Search Component CVE-2023-36394 Windows Search Service Elevation of Privilege Vulnerability
MicrosoftMicrosoft Windows Speech CVE-2023-36719 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
MicrosoftOpen Management Infrastructure CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability
MicrosoftTablet Windows User Interface CVE-2023-36393 Windows User Interface Application Core Remote Code Execution Vulnerability
MicrosoftVisual Studio CVE-2023-36042 Visual Studio Denial of Service Vulnerability
MicrosoftVisual Studio Code CVE-2023-36018 Visual Studio Code Jupyter Extension Spoofing Vulnerability
MicrosoftWindows Authentication Methods CVE-2023-36047 Windows Authentication Elevation of Privilege Vulnerability
MicrosoftWindows Authentication Methods CVE-2023-36428 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
MicrosoftWindows Authentication Methods CVE-2023-36046 Windows Authentication Denial of Service Vulnerability
MicrosoftWindows Cloud Files Mini Filter Driver CVE-2023-36036 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
MicrosoftWindows Common Log File System Driver CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability
MicrosoftWindows Compressed Folder CVE-2023-36396 Windows Compressed Folder Remote Code Execution Vulnerability
MicrosoftWindows Defender CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability
MicrosoftWindows Deployment Services CVE-2023-36395 Windows Deployment Services Denial of Service Vulnerability
MicrosoftWindows DHCP Server CVE-2023-36392 DHCP Server Service Denial of Service Vulnerability
MicrosoftWindows Distributed File System (DFS) CVE-2023-36425 Windows Distributed File System (DFS) Remote Code Execution Vulnerability
MicrosoftWindows DWM Core Library CVE-2023-36033 Windows DWM Core Library Elevation of Privilege Vulnerability
MicrosoftWindows HMAC Key Derivation CVE-2023-36400 Windows HMAC Key Derivation Elevation of Privilege Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36427 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36407 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36406 Windows Hyper-V Information Disclosure Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36408 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftWindows Installer CVE-2023-36705 Windows Installer Elevation of Privilege Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2023-36397 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
MicrosoftWindows Kernel CVE-2023-36405 Windows Kernel Elevation of Privilege Vulnerability
MicrosoftWindows Kernel CVE-2023-36404 Windows Kernel Information Disclosure Vulnerability
MicrosoftWindows Kernel CVE-2023-36403 Windows Kernel Elevation of Privilege Vulnerability
MicrosoftWindows NTFS CVE-2023-36398 Windows NTFS Information Disclosure Vulnerability
MicrosoftWindows Protected EAP (PEAP) CVE-2023-36028 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
MicrosoftWindows Scripting CVE-2023-36017 Windows Scripting Engine Memory Corruption Vulnerability
MicrosoftWindows SmartScreen CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability
MicrosoftWindows Storage CVE-2023-36399 Windows Storage Elevation of Privilege Vulnerability

CVE-2023-5996 - Chromium: CVE-2023-5996 Use after free in WebAudio

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5996
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5996 Use after free in WebAudio
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124
Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136

Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5996
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.58 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 118.0.2088.102 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5996 None

CVE-2023-38151 - Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38151
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the target machine if the victim connects to the attacker's malicious DB2 server and they execute a specially crafted query.


Mitigations:

The following mitigating factors may be helpful in your situation:

The victim must have installed Microsoft OLE DB Provider for DB2 Server Version 7.0 for the target machine to be vulnerable.


Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38151
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Host Integration Server 2020 5032921 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 KB5032921 Maybe None
Microsoft OLE DB Provider for DB2 V7 5032921 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 KB5032921 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38151 bee13oy with Cyber Kunlun Lab

CVE-2023-36719 - Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36719
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36719
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36719 Marco Bartoli with Microsoft


Giulio Candreva with Microsoft

CVE-2023-36705 - Windows Installer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36705
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36705
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36705 Abdelhamid Naceri

CVE-2023-36560 - ASP.NET Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36560
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: ASP.NET Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

The attacker would be able to bypass the security checks that prevents an attacker from accessing internal applications in a website.


How could an attacker exploit this vulnerability?

The attacker could send a specially crafted request that would enable them to access parts of a web application that they would not normally have access to.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36560
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6/4.6.2 on Windows 10 for 32-bit Systems 5032199 (Security Update) Important Security Feature Bypass 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Microsoft .NET Framework 3.5 AND 4.6/4.6.2 on Windows 10 for x64-based Systems 5032199 (Security Update) Important Security Feature Bypass 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for ARM64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for ARM64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for x64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) 5032004 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 04.8.4682.02 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36560 Markus Wulftange with CODE WHITE GmbH


Soroush Dalili with SecProject


Markus Wulftange with CODE WHITE GmbH

CVE-2023-36437 - Azure DevOps Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36437
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure DevOps Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit an integer overflow vulnerability that results in arbitrary heap writes, which could be used to perform arbitrary code execution.


According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on ADO?

Yes, the attacker needs to be authenticated to Azure DevOps server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36437
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Pipelines Agent Pull Request (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 2.39.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36437 Anonymous

CVE-2023-36428 - Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36428
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36428
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Information Disclosure 5031377 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Information Disclosure 5031377 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Information Disclosure 5031416
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Information Disclosure 5031416
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Information Disclosure 5031416
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Information Disclosure 5031416
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Information Disclosure 5031408
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Information Disclosure 5031408
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Information Disclosure 5031442 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Information Disclosure 5031442 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Information Disclosure 5031419 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Information Disclosure 5031419 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36428 Anonymous

CVE-2023-36427 - Windows Hyper-V Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36427
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Real-world exploitability of this attack is very low. Successful exploitation of this vulnerability requires an attacker to obtain 12th+ generation hardware to trigger the vulnerability. In addition, the attacker can only populate data at the beginning of a page, and its contents are mostly uncontrollable.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36427
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36427 Satoshi Tanda with System Programming Lab

CVE-2023-36425 - Windows Distributed File System (DFS) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36425
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker or targeted user to have both domain user and delegate management permissions on a non-default DFS namespace.


How could an attacker exploit this vulnerability?

An attacker could exploit a DFS namespace (non-default) out-of-bound write vulnerability that results in heap corruption, which could then be used to perform arbitrary code execution on the server's dfssvc.exe process which runs as SYSTEM user.


According to the CVSS metric, attack complexity is high (AC:H). What does that mean for this vulnerability?

In a real-world attack scenario, a domain admin would have to configure their DFS namespace in such a way to add a low privileged domain user to the delegate management permission on a certain DFS namespace.

In essence, a successful exploitation of this vulnerability would require a non-default and unlikely configuration.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36425
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36425 k0shl with Kunlun Lab

CVE-2023-36424 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36424
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to a High Integrity Level.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36424
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36424 Anonymous with SSD Secure Disclosure

CVE-2023-36423 - Microsoft Remote Registry Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36423
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group.

Although this group defaults to only Administrators, it is possible for an Administrator to add other standard users to this group.


How could an attacker exploit this vulnerability?

A remote, authenticated attacker who is on the domain and a member of the performance log users group could exploit an integer overflow vulnerability within regsvc to execute arbitrary code on the server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36423
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36423 k0shl with Kunlun Lab

CVE-2023-36422 - Microsoft Windows Defender Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36422
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Windows Defender Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


References Identification
Last version of the Windows Defender Antimalware Platform affected by this vulnerability Version 4.18.23070.1004
First version of the Windows Defender Antimalware Platform with this vulnerability addressed Version 4.18.23100.2009

See Manage Updates Baselines Microsoft Defender Antivirus for more information.

Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?

Vulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state.

Why is no action required to install this update?

In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Windows Defender Antimalware Platform. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.

For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.

Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Windows Defender Antimalware Platform updates and malware definitions, is working as expected in their environment.

How often are the Windows Defender Antimalware Platform and malware definitions updated?

Microsoft typically releases an update for the Windows Defender Antimalware Platform once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.

Depending on which Microsoft antimalware software is used and how it is configured, the software may search for platform, engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.

What is the Windows Defender Antimalware Platform?

The Windows Defender Antimalware Platform is a collection of user-mode binaries (e.g. MsMpEng.exe) and kernel-mode drivers that run on top of Windows to keep devices protected against new and prevalent threats.

Windows Defender uses the Windows Defender Antimalware Platform. On which products is Defender installed and active by default?

Defender runs on all supported versions of Windows.

Are there other products that use the Windows Defender Antimalware Platform?

Yes, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection and Microsoft Security Essentials.

Does this update contain any additional security-related changes to functionality?

Yes.  In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.

Suggested Actions

Verify that the update is installed

Customers should verify that the latest version of the Microsoft Malware Protection Platform and definition updates are being actively downloaded and installed for their Microsoft antimalware products.

  1. Open the Windows Security program. For example, type Security in the Search bar, and select the Windows Security program.
  2. In the navigation pane, select Virus & threat protection.
  3. Under Virus & threat protection updates in the main window, select Check for updates.
  4. Select Check for updates again.
  5. In the navigation pane, select Settings, and then select About.
  6. Examine the Platform Version number. The update was successfully installed if the Malware Protection Platform version number or the signature package version number matches or exceeds the version number that you are trying to verify as installed.

Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36422
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Defender Antimalware Platform Release Notes (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 4.18.23100.2009 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36422 Sascha Meyer with GAI NetConsult GmbH

CVE-2023-36413 - Microsoft Office Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36413
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Office Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36413
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2016 (32-bit edition) 5002521 (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft Office 2016 (64-bit edition) 5002521 (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36413 Eduardo Braun Prado


Will Dormann with Vul Labs

CVE-2023-36410 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36410
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36410
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.1 5032297 (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
 9.1.23.10 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36410 batram

CVE-2023-36052 - Azure CLI REST Command Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36052
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Azure CLI REST Command Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.6/TemporalScore:7.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files created by the affected CLI commands and published by Azure DevOps and/or GitHub Actions.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


How could an attacker exploit this vulnerability?

An unauthenticated attacker can search and discover credentials contained in log files which have been stored in open-source repositories.


Where can I find more information?

Please see the MSRC Blog Post relating to this vulnerability here: Microsoft guidance regarding credentials leaked to Github Actions logs through Azure CLI.


What actions do customers need to take to protect themselves from this vulnerability?

Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Critical Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36052
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
az functionapp config appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None
az functionapp config appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None
az logicapp config appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None
az logicapp config appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None
az staticwebapp appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None
az staticwebapp appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 No None
az webapp config appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None
az webapp config appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 2.53.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36052 Aviad Hahami with PANW

CVE-2023-36043 - Open Management Infrastructure Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36043
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Open Management Infrastructure Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelTemporary Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An attacker who successfully exploits this vulnerability could affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component could be different from the impacted component and are managed by different security authorities.


What type of information could be disclosed by this vulnerability?

Successful exploitation of this vulnerability could allow an attacker to access credentials of privileged accounts stored in trace logs on the machine being monitored by SCOM.


What versions of OMI are affected?

OMI versions v1.7.1-0 and below are affected.

How do the updates address the vulnerability?

The update disables logging of the credentials in the trace file and deletes the existing trace files that may have credentials logged.

Is there any action customers need to take?

In addition to updating their affected versions of SCOM, customers are encouraged to reset their privileged account passwords.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker be an authenticated user with read access to the trace file on the machine being monitored with SCOM and OMI installed.


What is OMI?

Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) implementation for managing Linux and UNIX systems. SCOM uses this framework to orchestrate configuration management and log collection on Linux VMs. More information can be found here: GitHub - Open Management Infrastructure.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36043
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
System Center Operations Manager (SCOM) 2016 Release Notes (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C
 1.7.3-0 Maybe None
System Center Operations Manager (SCOM) 2019 Release Notes (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C
 1.7.3-0 Maybe None
System Center Operations Manager (SCOM) 2022 Release Notes (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C
 1.7.3-0 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36043 Anonymous

CVE-2023-36036 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36036
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36036
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36036 Microsoft Threat Intelligence Microsoft Security Response Center

CVE-2023-36034 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36034
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability?

The performance can be interrupted and/or reduced, but the attacker cannot fully deny service.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L). What does that mean for this vulnerability?

The attacker who successfully exploited the vulnerability could have limited ability to perform code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.44 11/02/2023 119.0.6045.105/.106
Extended Stable 118.0.2088.88 11/02/2023 118.0.5993.129

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36034
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Remote Code Execution None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
 119.0.2151.44 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Moderate Remote Code Execution None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
 118.0.2088.88 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36034 HAO LI of VenusTech ADLab

CVE-2023-36024 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36024
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires that a user open a specially crafted file.

  • In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
  • In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a browser sandbox escape.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?

While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.


Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal?

Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several preconditions, the severity will be downgraded". The CVSS scoring system doesn't allow for this type of nuance.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could allow the attacker to perform remote code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124
Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136

Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36024
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 119.0.2151.58 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 118.0.2088.102 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36024 Anonymous

CVE-2023-36017 - Windows Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36017
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Scripting Engine Memory Corruption Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.


The CVE title says Windows Scripting Engine, what does that mean for this vulnerability?

This vulnerability impacts the JScript9 scripting engine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36017
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
5032191 (IE Cumulative)		 Important Remote Code Execution 5031408

5031355		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816

1.001		 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
5032191 (IE Cumulative)		 Important Remote Code Execution 5031408

5031355		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816

1.001		 Yes 5032252
5032250
Windows Server 2012 5032191 (IE Cumulative)
5032247 (Monthly Rollup)		 Important Remote Code Execution 5031355
5031442		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 1.001
6.2.9200.24569		 Yes None
Windows Server 2012 (Server Core installation) 5032191 (IE Cumulative)
5032247 (Monthly Rollup)		 Important Remote Code Execution 5031355
5031442		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 1.001
6.2.9200.24569		 Yes None
Windows Server 2012 R2 5032191 (IE Cumulative)
5032249 (Monthly Rollup)		 Important Remote Code Execution 5031355
5031419		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 1.001
6.3.9600.21668		 Yes None
Windows Server 2012 R2 (Server Core installation) 5032191 (IE Cumulative)
5032249 (Monthly Rollup)		 Important Remote Code Execution 5031355
5031419		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 1.001
6.3.9600.21668		 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36017 Anonymous

CVE-2023-36007 - Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36007
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36007
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Send Customer Voice survey from Dynamics 365 app Release Notes (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
 9.0.0.8 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36007 Dhiral Patel

CVE-2023-38177 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38177
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.1/TemporalScore:5.3
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

In a network-based attack, an authenticated attacker could execute code remotely within the SharePoint Server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38177
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SharePoint Enterprise Server 2016 5002517 (Security Update) Important Remote Code Execution None Base: 6.1
Temporal: 5.3
Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft SharePoint Server 2019 5002526 (Security Update) Important Remote Code Execution None Base: 6.1
Temporal: 5.3
Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 16.0.10404.20003 Maybe None
Microsoft SharePoint Server Subscription Edition 5002527 (Security Update) Important Remote Code Execution None Base: 6.1
Temporal: 5.3
Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
 16.0.16731.20350 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38177 Anonymous

CVE-2023-36558 - ASP.NET Core - Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36558
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: ASP.NET Core - Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An unauthenticated attacker could bypass validations on Blazor Server forms.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then trigger an event that could exploit the vulnerability to save an invalid state to a database or trigger other unintended actions, depending on what functionality the form provides.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36558
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 6.0 5032883 (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 6.0.25 Maybe None
.NET 7.0 5032884 (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 7.0.14 Maybe None
.NET 8.0 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 8.0.0 Maybe None
ASP.NET Core 6.0 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Unknown Maybe None
ASP.NET Core 7.0 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Unknown Maybe None
ASP.NET Core 8.0 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Unknown Maybe None
Microsoft Visual Studio 2022 version 17.2 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 17.2.22 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 17.4.14 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 17.6.10 Maybe None
Microsoft Visual Studio 2022 version 17.7 Release Notes (Security Update) Important Security Feature Bypass None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 17.7.7 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36558 Barry Dorrans

CVE-2023-36439 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36439
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

For the vulnerability to be exploited, the attacker would need to be authenticated as a valid exchange user.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An authenticated attacker could gain remote code execution rights on the server mailbox backend as NT AUTHORITY\SYSTEM.


Are there any more actions I need to take to be protected from this vulnerability?

Yes. Customers running an affected version of Microsoft Exchange need to download the November 2023 Security Update and ensure the Serialized Data Signing feature is enabled to be protected from this vulnerability. Disabling certificate signing of Powershell serialization payloads makes your server vulnerable to known Exchange vulnerabilities and weakens protection against unknown threats. We recommend leaving this feature enabled.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36439
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Exchange Server 2016 Cumulative Update 23 5032147 (Security Update) Important Remote Code Execution 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.01.2507.035 Yes None
Microsoft Exchange Server 2019 Cumulative Update 12 5032146 (Security Update) Important Remote Code Execution 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1118.040 Yes None
Microsoft Exchange Server 2019 Cumulative Update 13 5032146 (Security Update) Important Remote Code Execution 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1258.028 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36439 m4yfly with TianGong Team of Legendsec at Qi'anxin Group

CVE-2023-36408 - Windows Hyper-V Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36408
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


How could an attacker exploit this vulnerability?

This vulnerability would require an unauthenticated attacker on a guest VM to send specially crafted file operation requests to the VM's hardware resources which could result in remote code execution on the host server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36408
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36408 ChengBin Wang with ZheJiang Guoli Security Technology and linfeng with Hebei Huace and linfeng with Hebei Huace

CVE-2023-36407 - Windows Hyper-V Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36407
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36407
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36407 Anonymous

CVE-2023-36406 - Windows Hyper-V Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36406
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Hyper-V Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36406
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2022 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36406 Andrew Ruddick with Microsoft Security Response Center

CVE-2023-36405 - Windows Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36405
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36405
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36405 Anonymous

CVE-2023-36404 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36404
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Kernel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is values of registry keys the attacker does not have permissions to view.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36404
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2016 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36404 Mateusz Jurczyk of Google Project Zero

CVE-2023-36403 - Windows Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36403
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36403
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Elevation of Privilege 5031416
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Elevation of Privilege 5031408
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36403 Mateusz Jurczyk of Google Project Zero

CVE-2023-36402 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36402
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.


According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?

An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to the client that exploit the vulnerability and permit execution of arbitrary code within the context of the user's SQL client application.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker could exploit the vulnerability by tricking an authenticated user (CVSS metric UI:R) into attempting to connect to a malicious SQL server via a connection driver (for example: ODBC and / or OLEDB as applicable).


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36402
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36402 Anonymous


Anonymous

CVE-2023-36401 - Microsoft Remote Registry Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36401
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group.

Although this group defaults to only Administrators, it is possible for an Administrator to add other standard users to this group.


How could an attacker exploit this vulnerability?

A remote, authenticated attacker who is on the domain and a member of the performance log users group could exploit an integer overflow vulnerability within regsvc to execute arbitrary code on the server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36401
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36401 k0shl with Kunlun Lab

CVE-2023-36400 - Windows HMAC Key Derivation Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36400
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows HMAC Key Derivation Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36400
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Critical Elevation of Privilege 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Critical Elevation of Privilege 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Critical Elevation of Privilege 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Critical Elevation of Privilege 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Critical Elevation of Privilege 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Critical Elevation of Privilege 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Critical Elevation of Privilege 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Critical Elevation of Privilege 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Critical Elevation of Privilege 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Critical Elevation of Privilege 5031356
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Critical Elevation of Privilege
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Critical Elevation of Privilege
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Critical Elevation of Privilege
5031356		 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Critical Elevation of Privilege 5031358
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Critical Elevation of Privilege 5031358
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Critical Elevation of Privilege 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Critical Elevation of Privilege 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Critical Elevation of Privilege 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Critical Elevation of Privilege 5031354
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2016 5032197 (Security Update) Critical Elevation of Privilege 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Critical Elevation of Privilege 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Critical Elevation of Privilege 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Critical Elevation of Privilege 5031361
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Critical Elevation of Privilege 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Critical Elevation of Privilege 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Critical Elevation of Privilege 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36400 None

CVE-2023-36399 - Windows Storage Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36399
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Storage Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) but have major impact on integrity (I:H) and on availability (A:H). What does that mean for this vulnerability?

This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that results in the service being unavailable.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36399
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36399 Microsoft Security Response Center

CVE-2023-36398 - Windows NTFS Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36398
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows NTFS Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36398
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Information Disclosure 5031377 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Information Disclosure 5031377 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356		 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2012 5032247 (Monthly Rollup) Important Information Disclosure 5031442 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Information Disclosure 5031442 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Information Disclosure 5031419 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Information Disclosure 5031419 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Information Disclosure 5031362 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Information Disclosure 5031362 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Information Disclosure 5031361
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Information Disclosure 5031364 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Information Disclosure 5031364 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Information Disclosure 5031364 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36398 Anonymous

CVE-2023-36397 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36397
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code.


Mitigations:

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:

The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel.

You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine.


Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36397
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Critical Remote Code Execution 5031377 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Critical Remote Code Execution 5031377 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Critical Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Critical Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Critical Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Critical Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Critical Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Critical Remote Code Execution 5031356
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Critical Remote Code Execution 5031356
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Critical Remote Code Execution 5031356
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Critical Remote Code Execution
5031356		 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Critical Remote Code Execution
5031356		 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Critical Remote Code Execution
5031356		 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Critical Remote Code Execution 5031358
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Critical Remote Code Execution 5031358
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Critical Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Critical Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Critical Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Critical Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Critical Remote Code Execution 5031416
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Critical Remote Code Execution 5031416
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Critical Remote Code Execution 5031416
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Critical Remote Code Execution 5031416
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Critical Remote Code Execution 5031408
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Critical Remote Code Execution 5031408
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Critical Remote Code Execution 5031442 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Critical Remote Code Execution 5031442 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Critical Remote Code Execution 5031419 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Critical Remote Code Execution 5031419 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Critical Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Critical Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Critical Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Critical Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Critical Remote Code Execution 5031364 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Critical Remote Code Execution 5031364 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Critical Remote Code Execution 5031364 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36397 Jarvis_1oop

CVE-2023-36396 - Windows Compressed Folder Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36396
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Compressed Folder Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36396
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36396 Or Yair with SafeBreach

CVE-2023-36395 - Windows Deployment Services Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36395
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Deployment Services Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36395
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Denial of Service 5031416
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Denial of Service 5031416
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Denial of Service 5031416
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Denial of Service 5031416
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Denial of Service 5031408
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Denial of Service 5031408
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Denial of Service 5031442 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Denial of Service 5031442 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Denial of Service 5031419 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Denial of Service 5031419 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Denial of Service 5031362 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Denial of Service 5031362 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Denial of Service 5031361
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Denial of Service 5031361
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Denial of Service 5031364 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Denial of Service 5031364 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Denial of Service 5031364 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36395 ThunderJ with KunlunLab


R4nger & Zhiniang Peng

CVE-2023-36394 - Windows Search Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36394
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Search Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36394
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36394 OUYANG FEI

CVE-2023-36393 - Windows User Interface Application Core Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36393
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows User Interface Application Core Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36393
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Remote Code Execution 5031416
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Remote Code Execution 5031408
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36393 kap0k

CVE-2023-36392 - DHCP Server Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36392
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: DHCP Server Service Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36392
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2012 5032247 (Monthly Rollup) Important Denial of Service 5031442 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Denial of Service 5031442 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Denial of Service 5031419 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Denial of Service 5031419 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Denial of Service 5031362 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Denial of Service 5031362 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Denial of Service 5031361
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Denial of Service 5031361
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Denial of Service 5031364 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Denial of Service 5031364 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Denial of Service 5031364 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36392 YanZiShuang@BigCJTeam of cyberkl

CVE-2023-36046 - Windows Authentication Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36046
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Authentication Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability does not impact confidentiality (C:N) but has major impact on integrity (I:H) and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploits this vulnerability cannot access existing files (C:N) but can write or overwrite file contents (I:H), which potentially may cause the system to become unavailable (A:H).


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36046
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Denial of Service 5031358
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Denial of Service 5031358
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Denial of Service 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Denial of Service 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Denial of Service 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Denial of Service 5031354
 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Denial of Service 5031364 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36046 George Hughey with MSRC Vulnerabilities & Mitigations

CVE-2023-36047 - Windows Authentication Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36047
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows Authentication Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36047
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36047 Filip Dragović

CVE-2023-36049 - .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36049
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability an attacker would have to inject arbitrary commands to the FTP server.


What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability would be access controls on the server, allowing for read or write abilities.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36049
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 6.0 5032883 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 6.0.25 Maybe None
.NET 7.0 5032884 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 7.0.14 Maybe None
.NET 8.0 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 8.0.0 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6/4.6.2 on Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 10.0.10240.20308 Yes None
Microsoft .NET Framework 3.5 AND 4.6/4.6.2 on Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 10.0.10240.20308 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems 5032338 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems 5032338 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems 5032338 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems 5032339 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems 5032339 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems 5032339 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for ARM64-based Systems 5032340 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems 5032340 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) 5032337 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 5032336 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) 5032336 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems 5032338 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems 5032338 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems 5032338 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems 5032339 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems 5032339 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems 5032339 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for ARM64-based Systems 5032340 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for x64-based Systems 5032340 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems 5032007 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems 5032007 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems 5032007 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems 5032007 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 5032336 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) 5032336 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) 5032004 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 5032342 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 3.0.50727.8975 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032344 (Monthly Rollup)
5032186 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06
4.7.4076.02		 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 5032342 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.7.4076.06 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 5031989 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 5031989 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)		 Important Elevation of Privilege Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 5032342 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 5031989 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 5031989 (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 04.8.4682.02 Maybe None
Microsoft Visual Studio 2022 version 17.2 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 17.2.22 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 17.4.14 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 17.6.10 Maybe None
Microsoft Visual Studio 2022 version 17.7 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.6
Temporal: 6.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C
 17.7.7 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36049 Anonymous with Trend Micro


Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative

CVE-2023-24023 - Mitre: CVE-2023-24023 Bluetooth Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-24023
MITRE
NVD

Issuing CNA: Mitre

 CVE Title: Mitre: CVE-2023-24023 Bluetooth Vulnerability
CVSS:
None
Executive Summary:
None
FAQ:

Why is the MITRE Corporation the assigning CNA (CVE Numbering Authority)?

CVE-2023-24023 is regarding a vulnerability reported to the Bluetooth Special Interest Group (Bluetooth SIG). MITRE assigned this CVE number on behalf of the Bluetooth organization https://www.bluetooth.com/about-us/vision/.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-24023
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Spoofing 5031361
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Spoofing 5031361
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Spoofing 5031361
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Spoofing 5031356
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Spoofing 5031356
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Spoofing 5031356
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Spoofing
5031356		 Base: N/A
Temporal: N/A
Vector: N/A
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Spoofing
5031356		 Base: N/A
Temporal: N/A
Vector: N/A
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Spoofing
5031356		 Base: N/A
Temporal: N/A
Vector: N/A
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Spoofing 5031358
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Spoofing 5031358
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Spoofing 5031354
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Spoofing 5031354
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Spoofing 5031354
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Spoofing 5031354
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.22621.2715
 Yes 5032190
Windows Server 2019 5032196 (Security Update) Important Spoofing 5031361
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Spoofing 5031361
 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Spoofing 5031364 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Spoofing 5031364 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Spoofing 5031364 Base: N/A
Temporal: N/A
Vector: N/A
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-24023 Daniele Antonioli an assistant professor at EURECOM

CVE-2023-36050 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36050
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?

Yes, the attacker must be authenticated with LAN-access and have credentials for a valid Exchange user.


How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by leveraging the known (Type 4) UnitySerializationHolder gadget through a deserialization of untrusted data. Exploitation of this vulnerability requires that a user gain LAN-access as well as obtain credentials for a valid Exchange user.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36050
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Exchange Server 2016 Cumulative Update 23 5032147 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.01.2507.035 Yes None
Microsoft Exchange Server 2019 Cumulative Update 12 5032146 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1118.040 Yes None
Microsoft Exchange Server 2019 Cumulative Update 13 5032146 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1258.028 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36050 Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative


CVE-2023-36039 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36039
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H) and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user.


How could an attacker exploit this vulnerability?

An authenticated attacker could achieve exploitation by using a PowerShell remoting session to the server.


According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?

Yes, the attacker must be authenticated with LAN-access and have credentials for a valid Exchange user.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36039
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Exchange Server 2016 Cumulative Update 23 5032147 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.01.2507.035 Yes None
Microsoft Exchange Server 2019 Cumulative Update 12 5032146 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1118.040 Yes None
Microsoft Exchange Server 2019 Cumulative Update 13 5032146 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1258.028 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36039 Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative

CVE-2023-36041 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36041
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36041
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Excel 2016 (32-bit edition) 5002518 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft Excel 2016 (64-bit edition) 5002518 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.79.23111019 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36041 Marcin "Icewall" Noga of Cisco Talos

CVE-2023-36042 - Visual Studio Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36042
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Visual Studio Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36042
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Release Notes (Security Update) Important Denial of Service None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 16.11.32 Maybe None
Microsoft Visual Studio 2022 version 17.2 Release Notes (Security Update) Important Denial of Service None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.2.22 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Denial of Service None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.4.14 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Denial of Service None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.6.10 Maybe None
Microsoft Visual Studio 2022 version 17.7 Release Notes (Security Update) Important Denial of Service None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 17.7.7 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36042 Anonymous

CVE-2023-36045 - Microsoft Office Graphics Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36045
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Office Graphics Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36045
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.79.23111019 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36045 HAO LI of VenusTech ADLab


Anonymous working with Trend Micro Zero Day Initiative

CVE-2023-36037 - Microsoft Excel Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36037
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Excel Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

Opening a malicious file could bypass the Microsoft Office Trust Center external links check. External links can include Dynamic Data Exchange (DDE) and/or references to other workbooks. See Block or unblock external content in Office documents - Microsoft Support for descriptions of related Trust Center settings.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36037
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Excel 2016 (32-bit edition) 5002518 (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft Excel 2016 (64-bit edition) 5002518 (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.0.5422.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Important Security Feature Bypass None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 16.79.23111019 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36037 Nathan Shomber of Microsoft

CVE-2023-36038 - ASP.NET Core Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36038
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: ASP.NET Core Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.2/TemporalScore:7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

This vulnerability could be exploited if http requests to .NET 8 RC 1 running on IIS InProcess hosting model are cancelled. Threads counts would increase and an OutOfMemoryException is possible.


According to the CVSS metric, successful exploitation of this vulnerability could lead to a total loss of availability (A:H). What does that mean for this vulnerability?

If an attacker was able to successfully exploit the vulnerability the attack might result in a total loss of availability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36038
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
.NET 8.0 Release Notes (Security Update) Important Denial of Service None Base: 8.2
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
 8.0.0 Maybe None
ASP.NET Core 8.0 Release Notes (Security Update) Important Denial of Service None Base: 8.2
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
 Unknown Maybe None
Microsoft Visual Studio 2022 version 17.2 Release Notes (Security Update) Important Denial of Service None Base: 8.2
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
 17.2.22 Maybe None
Microsoft Visual Studio 2022 version 17.4 Release Notes (Security Update) Important Denial of Service None Base: 8.2
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
 17.4.14 Maybe None
Microsoft Visual Studio 2022 version 17.6 Release Notes (Security Update) Important Denial of Service None Base: 8.2
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
 17.6.10 Maybe None
Microsoft Visual Studio 2022 version 17.7 Release Notes (Security Update) Important Denial of Service None Base: 8.2
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
 17.7.7 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36038 Barry Dorans

CVE-2023-36035 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36035
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H) and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user.


How could an attacker exploit this vulnerability?

An authenticated attacker could achieve exploitation by using a PowerShell remoting session to the server.


According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?

Yes, the attacker must be authenticated with LAN-access and have credentials for a valid Exchange user.


According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

An authenticated attacker could exploit this vulnerability with LAN access.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36035
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Exchange Server 2016 Cumulative Update 23 5032147 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.01.2507.035 Yes None
Microsoft Exchange Server 2019 Cumulative Update 12 5032146 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1118.040 Yes None
Microsoft Exchange Server 2019 Cumulative Update 13 5032146 (Security Update) Important Spoofing 5030877 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 15.02.1258.028 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36035 Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative

CVE-2023-36028 - Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36028
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An unauthenticated attacker could attack a Microsoft Protected Extensible Authentication Protocol (PEAP) Server by sending specially crafted malicious PEAP packets over the network.


Mitigations:

Microsoft Protected Extensible Authentication Protocol (PEAP) is only negotiated with the client if NPS is running on the Windows Server and has a network policy configured that allows PEAP. To stop using PEAP, customers should ensure that PEAP Type is not configured as an allowed EAP type in their network policy. To learn more, please see Configure the New Wireless Network Policy and Configure Network Policies


Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36028
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356		 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36028 Jarvis_1oop of vulnerability research institute

CVE-2023-36029 - Microsoft Edge (Chromium-based) Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36029
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:4.3/TemporalScore:3.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelTemporary Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.44 11/02/2023 119.0.6045.105/.106
Extended Stable 118.0.2088.88 11/02/2023 118.0.5993.129

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Moderate Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36029
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge for Android Release Notes (Security Update) Moderate Spoofing None Base: 4.3
Temporal: 3.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:T/RC:C
 118.0.2088.88 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36029 Hafiizh with https://www.linkedin.com/in/hafiizh-7aa6bb31/

CVE-2023-36030 - Microsoft Dynamics 365 Sales Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36030
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Dynamics 365 Sales Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.1/TemporalScore:5.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would need to click on a specially crafted URL that could present a popup box requesting additional user input.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?

Limited information from the victim's browser associated with the vulnerable URL can be sent to the attacker by the malicious code.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36030
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.0 5032298 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
 9.0.51.06 Maybe None
Microsoft Dynamics 365 (on-premises) version 9.1 5032297 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
 9.1.23.10 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36030 NGO VAN TU (@tusnj)

CVE-2023-36031 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36031
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36031
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.1 5032297 (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
 9.1.23.10 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36031 batram

CVE-2023-36033 - Windows DWM Core Library Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36033
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows DWM Core Library Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected Yes Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36033
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356		 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36033 Quan Jin(@jq0904) with DBAPPSecurity WeBin Lab

CVE-2023-36021 - Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36021
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass certificate validation mechanisms and provide arbitrary certificates that do not have proper signatures.


According to the CVSS metric, the attack vector is network (AV:N), privilege required is low (PR:L) and user interaction is required (UI:R). How could an attacker exploit this security feature bypass vulnerability?

A security feature bypass vulnerability exists when On-Prem Data Gateway does not perform certificate validation logic correctly and impacts the reliability of the backend infrastructure's workflow. An authenticated attacker with normal user privileges, via network connection or web request, could provide the workflow with an arbitrary untrusted certificate, with an arbitrary common name, which does not have proper signature.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36021
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
On-Prem Data Gateway Download Guidance (Security Update) Important Security Feature Bypass None Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 3000.198.9 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36021 Stav Nir

CVE-2023-36022 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36022
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.6/TemporalScore:5.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityLow
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability?

The performance can be interrupted and/or reduced, but the attacker cannot fully deny service.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L). What does that mean for this vulnerability?

The attacker who successfully exploited the vulnerability could have limited ability to perform code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.44 11/02/2023 119.0.6045.105/.106
Extended Stable 118.0.2088.88 11/02/2023 118.0.5993.129

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36022
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Remote Code Execution None Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C
 119.0.2151.44 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Moderate Remote Code Execution None Base: 6.6
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C
 118.0.2088.88 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36022 HAO LI of VenusTech ADLab

CVE-2023-36025 - Windows SmartScreen Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36025
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Windows SmartScreen Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

The attacker would be able to bypass Windows Defender SmartScreen checks and their associated prompts.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted Internet Shortcut (.URL) or a hyperlink pointing to an Internet Shortcut file to be compromised by the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36025
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Security Feature Bypass 5031377 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Security Feature Bypass 5031377 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Security Feature Bypass 5031361
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Security Feature Bypass 5031361
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Security Feature Bypass 5031361
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Security Feature Bypass 5031356
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Security Feature Bypass 5031356
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Security Feature Bypass 5031356
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.19041.3693
 Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Security Feature Bypass
5031356		 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Security Feature Bypass
5031356		 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Security Feature Bypass
5031356		 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.3693		 Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Security Feature Bypass 5031358
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Security Feature Bypass 5031358
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22000.2600
 Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Security Feature Bypass 5031354
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Security Feature Bypass 5031354
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Security Feature Bypass 5031354
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Security Feature Bypass 5031354
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.22621.2715
 Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Security Feature Bypass 5031416
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Security Feature Bypass 5031416
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Security Feature Bypass 5031416
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)		 Important Security Feature Bypass 5031416
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.0.6003.22367
 Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Security Feature Bypass 5031408
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)		 Important Security Feature Bypass 5031408
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.1.7601.26816
 Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Security Feature Bypass 5031442 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Security Feature Bypass 5031442 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Security Feature Bypass 5031419 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Security Feature Bypass 5031419 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Security Feature Bypass 5031361
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Security Feature Bypass 5031361
 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.17763.5122
 Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Security Feature Bypass 5031364 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Security Feature Bypass 5031364 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Security Feature Bypass 5031364 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36025 Will Metcalf (Splunk), Microsoft Threat Intelligence, Microsoft Office Product Group Security Team

CVE-2023-36027 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36027
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?

While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.


Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal?

Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several preconditions, the severity will be downgraded". The CVSS scoring system doesn't allow for this type of nuance.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could allow the attacker to perform remote code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124
Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136

Mitigations:
None
Workarounds:
None
Revision:
1.0    10-Nov-23    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36027
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 119.0.2151.58 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 118.0.2088.102 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36027 Anonymous

CVE-2023-36014 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36014
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability?

The performance can be interrupted and/or reduced, but the attacker cannot fully deny service.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L). What does that mean for this vulnerability?

The attacker who successfully exploited the vulnerability could have limited ability to perform code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124
Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136

Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-23    

Information published.


 Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36014
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Remote Code Execution None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
 119.0.2151.58 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36014 HAO LI of VenusTech ADLab

CVE-2023-36016 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36016
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?

Successful exploitation of this vulnerability requires an attacker to already have admin or high privilege access to a security group within the tenant.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36016
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.0 5032298 (Security Update) Important Spoofing None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 9.0.51.06 Maybe None
Microsoft Dynamics 365 (on-premises) version 9.1 5032297 (Security Update) Important Spoofing None Base: 6.2
Temporal: 5.4
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
 9.1.23.10 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36016 Adrian-Daniel Bacanu with Razdon

CVE-2023-36018 - Visual Studio Code Jupyter Extension Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36018
MITRE
NVD

Issuing CNA: Microsoft

 CVE Title: Visual Studio Code Jupyter Extension Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could gain high privileges, which include read, write, and delete functionality.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36018
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Jupyter Extension for Visual Studio Code Release Notes (Security Update) Important Spoofing None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 2023.10.1100000000 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36018 Anonymous

CVE-2023-5480 - Chromium: CVE-2023-5480 Inappropriate implementation in Payments

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5480
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5480 Inappropriate implementation in Payments
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5480
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5480 None

CVE-2023-5482 - Chromium: CVE-2023-5482 Insufficient data validation in USB

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5482
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5482 Insufficient data validation in USB
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5482
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5482 None

CVE-2023-5849 - Chromium: CVE-2023-5849 Integer overflow in USB

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5849
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5849 Integer overflow in USB
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5849
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5849 None

CVE-2023-5850 - Chromium: CVE-2023-5850 Incorrect security UI in Downloads

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5850
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5850 Incorrect security UI in Downloads
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5850
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5850 None

CVE-2023-5851 - Chromium: CVE-2023-5851 Inappropriate implementation in Downloads

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5851
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5851 Inappropriate implementation in Downloads
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5851
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5851 None

CVE-2023-5852 - Chromium: CVE-2023-5852 Use after free in Printing

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5852
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5852 Use after free in Printing
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5852
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5852 None

CVE-2023-5853 - Chromium: CVE-2023-5853 Incorrect security UI in Downloads

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5853
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5853 Incorrect security UI in Downloads
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5853
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5853 None

CVE-2023-5854 - Chromium: CVE-2023-5854 Use after free in Profiles

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5854
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5854 Use after free in Profiles
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5854
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5854 None

CVE-2023-5855 - Chromium: CVE-2023-5855 Use after free in Reading Mode

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5855
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5855 Use after free in Reading Mode
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5855
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5855 None

CVE-2023-5856 - Chromium: CVE-2023-5856 Use after free in Side Panel

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5856
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5856 Use after free in Side Panel
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5856
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5856 None

CVE-2023-5857 - Chromium: CVE-2023-5857 Inappropriate implementation in Downloads

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5857
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5857 Inappropriate implementation in Downloads
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5857
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5857 None

CVE-2023-5858 - Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5858
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5858
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5858 None

CVE-2023-5859 - Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5859
MITRE
NVD

Issuing CNA: Chrome

 CVE Title: Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
119.0.2151.44 11/02/2023 119.0.6045.105/.106

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5859
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
 119.0.2151.44 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5859 None

CVE-2020-8554 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-8554
MITRE
NVD

Issuing CNA: security@kubernetes.io

 CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:5.0/TemporalScore:5.0
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-8554
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 5.0
Temporal: 5.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
 1.28.3-1 Unknown None
CBL Mariner 2.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 5.0
Temporal: 5.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
 1.28.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-8554 None

CVE-2023-46753 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46753
MITRE
NVD

Issuing CNA: cve@mitre.org

 CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46753
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
 8.5.3-3 Unknown None
CBL Mariner 2.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 5.9
Temporal: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
 8.5.3-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46753 None

CVE-2023-46316 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46316
MITRE
NVD

Issuing CNA: cve@mitre.org

 CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46316
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM traceroute (CBL-Mariner) Unknown Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 2.1.3-1 Unknown None
CBL Mariner 2.0 x64 traceroute (CBL-Mariner) Unknown Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 2.1.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46316 None

CVE-2020-14343 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-14343
MITRE
NVD

Issuing CNA: secalert@redhat.com

 CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-14343
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM PyYAML (CBL-Mariner) Unknown Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 5.4.1-1 Unknown None
CBL Mariner 2.0 x64 PyYAML (CBL-Mariner) Unknown Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 5.4.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-14343 None

CVE-2020-1747 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-1747
MITRE
NVD

Issuing CNA: secalert@redhat.com

 CVE Title: Unknown
CVSS:

CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07-Nov-23    

Information published.


 Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-1747
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM PyYAML (CBL-Mariner) Unknown Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 5.4.1-1 Unknown None
CBL Mariner 2.0 x64 PyYAML (CBL-Mariner) Unknown Unknown None Base: 9.8
Temporal: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 5.4.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-1747 None