CVE-2023-28219 — Vulnetix

CVE-2023-28219 PUBLISHED

In verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server existieren mehrere nicht näher beschriebene Schwachstellen. Ein Angreifer kann dies ausnutzen, um Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen, Sicherheitsmechanismen zu umgehen, seine Privilegien zu erweitern und um beliebigen Code auszuführen.

EPSS 6.73% · 91.4th percentile

Risk Scores

EPSS Score

6.73%

91.4th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Windows 10 Version 1607
Microsoft	Microsoft Windows 10 Version 21H2
Microsoft	Microsoft Windows 10 Version 22H2
Microsoft	Microsoft Windows 10 Version 1809
Microsoft	Microsoft Windows Server 2022
Microsoft	Microsoft Windows Server 2008 SP2
Microsoft	Microsoft Windows Remote Desktop client for Desktop
Microsoft	Microsoft Windows Server 2019
Microsoft	Microsoft Windows Server 2016
Microsoft	Microsoft Windows 11 version 21H2
Microsoft	Microsoft Windows Server 2012
Microsoft	Microsoft Windows 10
Microsoft	Microsoft Windows Server 2008 R2 SP1
Microsoft	Microsoft Windows Server 2012 R2
Microsoft	Microsoft Windows 10 Version 20H2
Hitachi	Hitachi Storage Virtual Storage Platform
Microsoft	Microsoft Windows 11 Version 22H2

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog (certbund)
POC.yara (github-yara)
POC.yara (github-yara)
POC.yara (github-yara)
POC.yara (github-yara)
POC.yara (github-yara)
POC.yara (github-yara)

Timeline

Apr 11, 2023 CVE Published
Apr 12, 2023 EPSS Score
Jun 26, 2023 EPSS Score
Aug 3, 2023 EPSS Score
Aug 21, 2023 EPSS Score
Sep 10, 2023 EPSS Score
Sep 22, 2023 EPSS Score
Oct 18, 2023 EPSS Score
Nov 18, 2023 EPSS Score
Nov 28, 2023 EPSS Score
Dec 31, 2023 EPSS Score
Feb 8, 2024 EPSS Score

References

Open in Interactive Console →