Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by Tag CVE ID CVE Title
Microsoft.NET Framework CVE-2023-36049 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
MicrosoftASP.NET CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability
MicrosoftASP.NET CVE-2023-36038 ASP.NET Core Denial of Service Vulnerability
MicrosoftASP.NET CVE-2023-36558 ASP.NET Core - Security Feature Bypass Vulnerability
MicrosoftAzure CVE-2023-36052 Azure CLI REST Command Information Disclosure Vulnerability
MicrosoftAzure CVE-2023-38151 Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
MicrosoftAzure CVE-2023-36021 Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability
MicrosoftAzure DevOps CVE-2023-36437 Azure DevOps Server Remote Code Execution Vulnerability
secalert@redhat.comMariner CVE-2020-1747 Unknown
cve@mitre.orgMariner CVE-2023-46316 Unknown
cve@mitre.orgMariner CVE-2023-46753 Unknown
security@kubernetes.ioMariner CVE-2020-8554 Unknown
secalert@redhat.comMariner CVE-2020-14343 Unknown
MitreMicrosoft Bluetooth Driver CVE-2023-24023 Mitre: CVE-2023-24023 Bluetooth Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36016 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36007 Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36031 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MicrosoftMicrosoft Dynamics CVE-2023-36410 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MicrosoftMicrosoft Dynamics 365 Sales CVE-2023-36030 Microsoft Dynamics 365 Sales Spoofing Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36014 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5996 Chromium: CVE-2023-5996 Use after free in WebAudio
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36022 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36027 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36029 Microsoft Edge (Chromium-based) Spoofing Vulnerability
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5480 Chromium: CVE-2023-5480 Inappropriate implementation in Payments
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5856 Chromium: CVE-2023-5856 Use after free in Side Panel
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5855 Chromium: CVE-2023-5855 Use after free in Reading Mode
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5854 Chromium: CVE-2023-5854 Use after free in Profiles
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5859 Chromium: CVE-2023-5859 Incorrect security UI in Picture In Picture
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5858 Chromium: CVE-2023-5858 Inappropriate implementation in WebApp Provider
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5857 Chromium: CVE-2023-5857 Inappropriate implementation in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5850 Chromium: CVE-2023-5850 Incorrect security UI in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5849 Chromium: CVE-2023-5849 Integer overflow in USB
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5482 Chromium: CVE-2023-5482 Insufficient data validation in USB
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5853 Chromium: CVE-2023-5853 Incorrect security UI in Downloads
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5852 Chromium: CVE-2023-5852 Use after free in Printing
ChromeMicrosoft Edge (Chromium-based) CVE-2023-5851 Chromium: CVE-2023-5851 Inappropriate implementation in Downloads
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36024 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
MicrosoftMicrosoft Edge (Chromium-based) CVE-2023-36034 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36439 Microsoft Exchange Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36050 Microsoft Exchange Server Spoofing Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36039 Microsoft Exchange Server Spoofing Vulnerability
MicrosoftMicrosoft Exchange Server CVE-2023-36035 Microsoft Exchange Server Spoofing Vulnerability
MicrosoftMicrosoft Office CVE-2023-36413 Microsoft Office Security Feature Bypass Vulnerability
MicrosoftMicrosoft Office CVE-2023-36045 Microsoft Office Graphics Remote Code Execution Vulnerability
MicrosoftMicrosoft Office Excel CVE-2023-36041 Microsoft Excel Remote Code Execution Vulnerability
MicrosoftMicrosoft Office Excel CVE-2023-36037 Microsoft Excel Security Feature Bypass Vulnerability
MicrosoftMicrosoft Office SharePoint CVE-2023-38177 Microsoft SharePoint Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Remote Registry Service CVE-2023-36423 Microsoft Remote Registry Service Remote Code Execution Vulnerability
MicrosoftMicrosoft Remote Registry Service CVE-2023-36401 Microsoft Remote Registry Service Remote Code Execution Vulnerability
MicrosoftMicrosoft WDAC OLE DB provider for SQL CVE-2023-36402 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
MicrosoftMicrosoft Windows Search Component CVE-2023-36394 Windows Search Service Elevation of Privilege Vulnerability
MicrosoftMicrosoft Windows Speech CVE-2023-36719 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
MicrosoftOpen Management Infrastructure CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability
MicrosoftTablet Windows User Interface CVE-2023-36393 Windows User Interface Application Core Remote Code Execution Vulnerability
MicrosoftVisual Studio CVE-2023-36042 Visual Studio Denial of Service Vulnerability
MicrosoftVisual Studio Code CVE-2023-36018 Visual Studio Code Jupyter Extension Spoofing Vulnerability
MicrosoftWindows Authentication Methods CVE-2023-36047 Windows Authentication Elevation of Privilege Vulnerability
MicrosoftWindows Authentication Methods CVE-2023-36428 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
MicrosoftWindows Authentication Methods CVE-2023-36046 Windows Authentication Denial of Service Vulnerability
MicrosoftWindows Cloud Files Mini Filter Driver CVE-2023-36036 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
MicrosoftWindows Common Log File System Driver CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability
MicrosoftWindows Compressed Folder CVE-2023-36396 Windows Compressed Folder Remote Code Execution Vulnerability
MicrosoftWindows Defender CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability
MicrosoftWindows Deployment Services CVE-2023-36395 Windows Deployment Services Denial of Service Vulnerability
MicrosoftWindows DHCP Server CVE-2023-36392 DHCP Server Service Denial of Service Vulnerability
MicrosoftWindows Distributed File System (DFS) CVE-2023-36425 Windows Distributed File System (DFS) Remote Code Execution Vulnerability
MicrosoftWindows DWM Core Library CVE-2023-36033 Windows DWM Core Library Elevation of Privilege Vulnerability
MicrosoftWindows HMAC Key Derivation CVE-2023-36400 Windows HMAC Key Derivation Elevation of Privilege Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36427 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36407 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36406 Windows Hyper-V Information Disclosure Vulnerability
MicrosoftWindows Hyper-V CVE-2023-36408 Windows Hyper-V Elevation of Privilege Vulnerability
MicrosoftWindows Installer CVE-2023-36705 Windows Installer Elevation of Privilege Vulnerability
MicrosoftWindows Internet Connection Sharing (ICS) CVE-2023-36397 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
MicrosoftWindows Kernel CVE-2023-36405 Windows Kernel Elevation of Privilege Vulnerability
MicrosoftWindows Kernel CVE-2023-36404 Windows Kernel Information Disclosure Vulnerability
MicrosoftWindows Kernel CVE-2023-36403 Windows Kernel Elevation of Privilege Vulnerability
MicrosoftWindows NTFS CVE-2023-36398 Windows NTFS Information Disclosure Vulnerability
MicrosoftWindows Protected EAP (PEAP) CVE-2023-36028 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
MicrosoftWindows Scripting CVE-2023-36017 Windows Scripting Engine Memory Corruption Vulnerability
MicrosoftWindows SmartScreen CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability
MicrosoftWindows Storage CVE-2023-36399 Windows Storage Elevation of Privilege Vulnerability

CVE-2023-5996 - Chromium: CVE-2023-5996 Use after free in WebAudio

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5996
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2023-5996 Use after free in WebAudio
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124
Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136

Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-23    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5996
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
119.0.2151.58 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
118.0.2088.102 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5996 None

CVE-2023-38151 - Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38151
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the target machine if the victim connects to the attacker's malicious DB2 server and they execute a specially crafted query.


Mitigations:

The following mitigating factors may be helpful in your situation:

The victim must have installed Microsoft OLE DB Provider for DB2 Server Version 7.0 for the target machine to be vulnerable.


Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38151
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Host Integration Server 2020 5032921 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
KB5032921 Maybe None
Microsoft OLE DB Provider for DB2 V7 5032921 (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
KB5032921 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38151 bee13oy with Cyber Kunlun Lab


CVE-2023-36719 - Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36719
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36719
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 8.4
Temporal: 7.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36719 Marco Bartoli with Microsoft


Giulio Candreva with Microsoft


CVE-2023-36705 - Windows Installer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36705
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36705
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36705 Abdelhamid Naceri


CVE-2023-36560 - ASP.NET Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36560
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: ASP.NET Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

The attacker would be able to bypass the security checks that prevents an attacker from accessing internal applications in a website.


How could an attacker exploit this vulnerability?

The attacker could send a specially crafted request that would enable them to access parts of a web application that they would not normally have access to.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36560
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Security Feature Bypass 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Microsoft .NET Framework 3.5 AND 4.6/4.6.2 on Windows 10 for 32-bit Systems 5032199 (Security Update) Important Security Feature Bypass 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Microsoft .NET Framework 3.5 AND 4.6/4.6.2 on Windows 10 for x64-based Systems 5032199 (Security Update) Important Security Feature Bypass 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for ARM64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) 5032337 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems 5032338 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems 5032339 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for ARM64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 21H2 for x64-based Systems 5032340 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems 5032007 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) 5032336 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) 5032004 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.8.9206.01 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.0.50727.8975 Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06
4.7.4076.02
Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06
4.7.4076.02
Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06
4.7.4076.02
Maybe None
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032344 (Monthly Rollup)
5032186 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06
4.7.4076.02
Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06
4.7.4076.02
Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06
4.7.4076.02
Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.7.4076.06 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032341 (Monthly Rollup)
5032185 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032341 (Monthly Rollup)
5032185 (Security Only)
Important Security Feature Bypass Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 5032342 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 5032343 (Monthly Rollup) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.03 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 5031989 (Security Update) Important Security Feature Bypass None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
04.8.4682.02 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36560 Markus Wulftange with CODE WHITE GmbH


Soroush Dalili with SecProject


Markus Wulftange with CODE WHITE GmbH


CVE-2023-36437 - Azure DevOps Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36437
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure DevOps Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

How could an attacker exploit this vulnerability?

An attacker could exploit an integer overflow vulnerability that results in arbitrary heap writes, which could be used to perform arbitrary code execution.


According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on ADO?

Yes, the attacker needs to be authenticated to Azure DevOps server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36437
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Pipelines Agent Pull Request (Security Update) Important Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2.39.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36437 Anonymous


CVE-2023-36428 - Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36428
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36428
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Information Disclosure 5031377 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Information Disclosure 5031377 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Information Disclosure 5031361
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Information Disclosure 5031361
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure 5031356
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure 5031356
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Information Disclosure
5031356
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Information Disclosure
5031356
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Information Disclosure 5031358
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Information Disclosure 5031354
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Information Disclosure 5031416
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Information Disclosure 5031416
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Information Disclosure 5031416
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Information Disclosure 5031416
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Information Disclosure 5031408
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Information Disclosure 5031408
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Information Disclosure 5031442 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Information Disclosure 5031442 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Information Disclosure 5031419 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Information Disclosure 5031419 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Information Disclosure 5031362 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Information Disclosure 5031361
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Information Disclosure 5031361
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Information Disclosure 5031364 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36428 Anonymous


CVE-2023-36427 - Windows Hyper-V Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36427
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Real-world exploitability of this attack is very low. Successful exploitation of this vulnerability requires an attacker to obtain 12th+ generation hardware to trigger the vulnerability. In addition, the attacker can only populate data at the beginning of a page, and its contents are mostly uncontrollable.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36427
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36427 Satoshi Tanda with System Programming Lab


CVE-2023-36425 - Windows Distributed File System (DFS) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36425
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker or targeted user to have both domain user and delegate management permissions on a non-default DFS namespace.


How could an attacker exploit this vulnerability?

An attacker could exploit a DFS namespace (non-default) out-of-bound write vulnerability that results in heap corruption, which could then be used to perform arbitrary code execution on the server's dfssvc.exe process which runs as SYSTEM user.


According to the CVSS metric, attack complexity is high (AC:H). What does that mean for this vulnerability?

In a real-world attack scenario, a domain admin would have to configure their DFS namespace in such a way to add a low privileged domain user to the delegate management permission on a certain DFS namespace.

In essence, a successful exploitation of this vulnerability would require a non-default and unlikely configuration.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36425
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Remote Code Execution 5031408
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Remote Code Execution 5031408
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36425 k0shl with Kunlun Lab


CVE-2023-36424 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36424
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to a High Integrity Level.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36424
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36424 Anonymous with SSD Secure Disclosure


CVE-2023-36423 - Microsoft Remote Registry Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36423
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, privileges required is low (PR:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group.

Although this group defaults to only Administrators, it is possible for an Administrator to add other standard users to this group.


How could an attacker exploit this vulnerability?

A remote, authenticated attacker who is on the domain and a member of the performance log users group could exploit an integer overflow vulnerability within regsvc to execute arbitrary code on the server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36423
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Remote Code Execution 5031416
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Remote Code Execution 5031408
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Remote Code Execution 5031408
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Remote Code Execution 5031442 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Remote Code Execution 5031419 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36423 k0shl with Kunlun Lab


CVE-2023-36422 - Microsoft Windows Defender Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36422
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Windows Defender Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


References Identification
Last version of the Windows Defender Antimalware Platform affected by this vulnerability Version 4.18.23070.1004
First version of the Windows Defender Antimalware Platform with this vulnerability addressed Version 4.18.23100.2009

See Manage Updates Baselines Microsoft Defender Antivirus for more information.

Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?

Vulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state.

Why is no action required to install this update?

In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Windows Defender Antimalware Platform. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.

For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.

Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Windows Defender Antimalware Platform updates and malware definitions, is working as expected in their environment.

How often are the Windows Defender Antimalware Platform and malware definitions updated?

Microsoft typically releases an update for the Windows Defender Antimalware Platform once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.

Depending on which Microsoft antimalware software is used and how it is configured, the software may search for platform, engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.

What is the Windows Defender Antimalware Platform?

The Windows Defender Antimalware Platform is a collection of user-mode binaries (e.g. MsMpEng.exe) and kernel-mode drivers that run on top of Windows to keep devices protected against new and prevalent threats.

Windows Defender uses the Windows Defender Antimalware Platform. On which products is Defender installed and active by default?

Defender runs on all supported versions of Windows.

Are there other products that use the Windows Defender Antimalware Platform?

Yes, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection and Microsoft Security Essentials.

Does this update contain any additional security-related changes to functionality?

Yes.  In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.

Suggested Actions

Verify that the update is installed

Customers should verify that the latest version of the Microsoft Malware Protection Platform and definition updates are being actively downloaded and installed for their Microsoft antimalware products.

  1. Open the Windows Security program. For example, type Security in the Search bar, and select the Windows Security program.
  2. In the navigation pane, select Virus & threat protection.
  3. Under Virus & threat protection updates in the main window, select Check for updates.
  4. Select Check for updates again.
  5. In the navigation pane, select Settings, and then select About.
  6. Examine the Platform Version number. The update was successfully installed if the Malware Protection Platform version number or the signature package version number matches or exceeds the version number that you are trying to verify as installed.

Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36422
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Defender Antimalware Platform Release Notes (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
4.18.23100.2009 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36422 Sascha Meyer with GAI NetConsult GmbH


CVE-2023-36413 - Microsoft Office Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36413
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


What kind of security feature could be bypassed by successfully exploiting this vulnerability?

Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36413
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2016 (32-bit edition) 5002521 (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
16.0.5422.1000 Maybe None
Microsoft Office 2016 (64-bit edition) 5002521 (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
16.0.5422.1000 Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36413 Eduardo Braun Prado


Will Dormann with Vul Labs


CVE-2023-36410 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36410
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36410
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.1 5032297 (Security Update) Important Spoofing None Base: 7.6
Temporal: 6.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
9.1.23.10 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36410 batram


CVE-2023-36052 - Azure CLI REST Command Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36052
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Azure CLI REST Command Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.6/TemporalScore:7.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What type of information could be disclosed by this vulnerability?

An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files created by the affected CLI commands and published by Azure DevOps and/or GitHub Actions.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.


How could an attacker exploit this vulnerability?

An unauthenticated attacker can search and discover credentials contained in log files which have been stored in open-source repositories.


Where can I find more information?

Please see the MSRC Blog Post relating to this vulnerability here: Microsoft guidance regarding credentials leaked to Github Actions logs through Azure CLI.


What actions do customers need to take to protect themselves from this vulnerability?

Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Critical Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36052
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
az functionapp config appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None
az functionapp config appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None
az logicapp config appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None
az logicapp config appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None
az staticwebapp appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None
az staticwebapp appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 No None
az webapp config appsettings delete Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None
az webapp config appsettings set Release Notes (Security Update) Critical Information Disclosure None Base: 8.6
Temporal: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
2.53.1 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36052 Aviad Hahami with PANW


CVE-2023-36043 - Open Management Infrastructure Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36043
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Open Management Infrastructure Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelTemporary Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An attacker who successfully exploits this vulnerability could affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component could be different from the impacted component and are managed by different security authorities.


What type of information could be disclosed by this vulnerability?

Successful exploitation of this vulnerability could allow an attacker to access credentials of privileged accounts stored in trace logs on the machine being monitored by SCOM.


What versions of OMI are affected?

OMI versions v1.7.1-0 and below are affected.

How do the updates address the vulnerability?

The update disables logging of the credentials in the trace file and deletes the existing trace files that may have credentials logged.

Is there any action customers need to take?

In addition to updating their affected versions of SCOM, customers are encouraged to reset their privileged account passwords.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker be an authenticated user with read access to the trace file on the machine being monitored with SCOM and OMI installed.


What is OMI?

Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) implementation for managing Linux and UNIX systems. SCOM uses this framework to orchestrate configuration management and log collection on Linux VMs. More information can be found here: GitHub - Open Management Infrastructure.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36043
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
System Center Operations Manager (SCOM) 2016 Release Notes (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C
1.7.3-0 Maybe None
System Center Operations Manager (SCOM) 2019 Release Notes (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C
1.7.3-0 Maybe None
System Center Operations Manager (SCOM) 2022 Release Notes (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C
1.7.3-0 Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36043 Anonymous


CVE-2023-36036 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36036
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36036
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Elevation of Privilege 5031377 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege 5031356
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Elevation of Privilege
5031356
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Elevation of Privilege 5031358
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Elevation of Privilege 5031354
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 for 32-bit Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5032254 (Monthly Rollup)
5032248 (Security Only)
Important Elevation of Privilege 5031416
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.0.6003.22367
Yes 5032254
5032248
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
Important Elevation of Privilege 5031408
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.1.7601.26816
Yes 5032252
5032250
Windows Server 2012 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 (Server Core installation) 5032247 (Monthly Rollup) Important Elevation of Privilege 5031442 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.2.9200.24569 Yes None
Windows Server 2012 R2 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2012 R2 (Server Core installation) 5032249 (Monthly Rollup) Important Elevation of Privilege 5031419 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
6.3.9600.21668 Yes None
Windows Server 2016 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Elevation of Privilege 5031362 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Elevation of Privilege 5031361
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Elevation of Privilege 5031364 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36036 Microsoft Threat Intelligence Microsoft Security Response Center


CVE-2023-36034 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36034
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability?

The performance can be interrupted and/or reduced, but the attacker cannot fully deny service.


According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L). What does that mean for this vulnerability?

The attacker who successfully exploited the vulnerability could have limited ability to perform code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.44 11/02/2023 119.0.6045.105/.106
Extended Stable 118.0.2088.88 11/02/2023 118.0.5993.129

Mitigations:
None
Workarounds:
None
Revision:
1.0    02-Nov-23    

Information published.


Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36034
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Moderate Remote Code Execution None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
119.0.2151.44 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Moderate Remote Code Execution None Base: 7.3
Temporal: 6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
118.0.2088.88 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36034 HAO LI of VenusTech ADLab


CVE-2023-36024 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36024
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires that a user open a specially crafted file.

  • In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
  • In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a browser sandbox escape.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?

While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.


Why is the severity for this CVE rated as Moderate, but the CVSS score is higher than normal?

Per our severity guidelines, the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity, specifically it says, "If a bug requires more than a click, a key press, or several preconditions, the severity will be downgraded". The CVSS scoring system doesn't allow for this type of nuance.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could allow the attacker to perform remote code execution.


What is the version information for this release?

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version
Stable 119.0.2151.58 11/09/2023 119.0.6045.123/.124
Extended Stable 118.0.2088.102 11/09/2023 118.0.5993.136

Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-23    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36024
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
119.0.2151.58 No None
Microsoft Edge (Chromium-based) Extended Stable Release Notes (Security Update) Important Elevation of Privilege None Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
118.0.2088.102 No None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36024 Anonymous


CVE-2023-36017 - Windows Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36017
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Scripting Engine Memory Corruption Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.


The CVE title says Windows Scripting Engine, what does that mean for this vulnerability?

This vulnerability impacts the JScript9 scripting engine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    14-Nov-23    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36017
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 for 32-bit Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 for x64-based Systems 5032199 (Security Update) Important Remote Code Execution 5031377 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.10240.20308 Yes None
Windows 10 Version 1607 for 32-bit Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1607 for x64-based Systems 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows 10 Version 1809 for 32-bit Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for ARM64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 1809 for x64-based Systems 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows 10 Version 21H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 21H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution 5031356
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19041.3693
Yes 5032189
Windows 10 Version 22H2 for 32-bit Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for ARM64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 10 Version 22H2 for x64-based Systems 5032189 (Security Update) Important Remote Code Execution
5031356
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.19045.3693
Yes 5032189
Windows 11 version 21H2 for ARM64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 version 21H2 for x64-based Systems 5032192 (Security Update) Important Remote Code Execution 5031358
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22000.2600
Yes 5032192
Windows 11 Version 22H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 22H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for ARM64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows 11 Version 23H2 for x64-based Systems 5032190 (Security Update) Important Remote Code Execution 5031354
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22621.2715
Yes 5032190
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5032252 (Monthly Rollup)
5032250 (Security Only)
5032191 (IE Cumulative)
Important Remote Code Execution 5031408

5031355
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816

1.001
Yes 5032252
5032250
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5032252 (Monthly Rollup)
5032250 (Security Only)
5032191 (IE Cumulative)
Important Remote Code Execution 5031408

5031355
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.26816

1.001
Yes 5032252
5032250
Windows Server 2012 5032191 (IE Cumulative)
5032247 (Monthly Rollup)
Important Remote Code Execution 5031355
5031442
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.001
6.2.9200.24569
Yes None
Windows Server 2012 (Server Core installation) 5032191 (IE Cumulative)
5032247 (Monthly Rollup)
Important Remote Code Execution 5031355
5031442
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.001
6.2.9200.24569
Yes None
Windows Server 2012 R2 5032191 (IE Cumulative)
5032249 (Monthly Rollup)
Important Remote Code Execution 5031355
5031419
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.001
6.3.9600.21668
Yes None
Windows Server 2012 R2 (Server Core installation) 5032191 (IE Cumulative)
5032249 (Monthly Rollup)
Important Remote Code Execution 5031355
5031419
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
1.001
6.3.9600.21668
Yes None
Windows Server 2016 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2016 (Server Core installation) 5032197 (Security Update) Important Remote Code Execution 5031362 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.6452 Yes None
Windows Server 2019 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2019 (Server Core installation) 5032196 (Security Update) Important Remote Code Execution 5031361
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.5122
Yes 5032196
Windows Server 2022 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022 (Server Core installation) 5032198 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.2113 Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5032202 (Security Update) Important Remote Code Execution 5031364 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.531 Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36017 Anonymous


CVE-2023-36007 - Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36007
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:
None
FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.


According to the CVSS metric, successful exploitation of this vulnerability