VDB
CVE-2023-29324
CVE-2023-29324
PUBLISHED
Es existieren mehrere Schwachstellen in Microsoft Windows und Microsoft Windows Server. Die Fehler sind noch nicht im Detail beschrieben. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Privilegien.
EPSS 1.87% · 83.5th percentile
Risk Scores
EPSS Score
1.87%
83.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Windows 10 Version 20H2 | |
| Microsoft | Microsoft Windows Server 2012 R2 | |
| Hitachi | Hitachi Storage Virtual Storage Platform | |
| IGEL | IGEL OS | |
| Dell | Dell NetWorker BMR <19.9.0.6 | |
| Microsoft | Microsoft Windows Server 2008 SP2 | |
| Microsoft | Microsoft Windows Server 2008 R2 SP1 | |
| Microsoft | Microsoft Windows Server 2019 | |
| Microsoft | Microsoft Windows 10 Version 1809 | |
| Microsoft | Microsoft Windows Server 2016 | |
| Microsoft | Microsoft Windows Server 2022 | |
| Microsoft | Microsoft Windows 10 | |
| Microsoft | Microsoft Windows Server 2012 | |
| Xerox | Xerox FreeFlow Print Server v2 | |
| Microsoft | Microsoft Windows 11 version 21H2 | |
| Microsoft | Microsoft Windows 10 Version 1607 | |
| Microsoft | Microsoft Windows 10 Version 21H2 | |
| Microsoft | Microsoft Windows 10 Version 22H2 | |
| Microsoft | Microsoft Windows 11 Version 22H2 |
Exploit Intelligence
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- OLeDouxEt/CVE-2023-29324_Patch_Deploy (github-poc)
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- CVE-2023-29324_Patch_Deploy (cve.org)
…and 421 more exploits
Timeline
- Mar 15, 2023 CVE Published
- Mar 15, 2023 PoC Published
- Mar 15, 2023 PoC Published
- Mar 16, 2023 PoC Published
- Mar 23, 2023 PoC Published
- Mar 25, 2023 PoC Published
- May 10, 2023 EPSS Score
- Jul 8, 2023 EPSS Score
- Jul 11, 2023 EPSS Score
- Jul 14, 2023 PoC Published
- Jul 15, 2023 PoC Published
- Aug 11, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1178.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1178 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://kb.igel.com/securitysafety/en/isn-2023-06-uefi-secure-boot-malware-and-igel-os-88016851.html advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-010-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v2_Windows%C2%AE-10.pdf advisory
- https://www.hitachi.com/products/it/storage-solutions/sec_info/2023/05.html advisory
- https://www.dell.com/support/kbdoc/de-de/000224798/dsa-2024-207-security-update-for-dell-networker-for-bmr-iso-vulnerability advisory
- https://www.dell.com/support/kbdoc/000224798/dsa-2024-= advisory