VDB
CVE-2023-35303
CVE-2023-35303
PUBLISHED
CVSS 8.699999809265137 HIGH
In verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Diese werden von Microsoft nicht im Detail beschrieben. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
EPSS 0.75% · 73.6th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.75%
73.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Windows 10 Version 21H2 | |
| Gentoo | Gentoo Linux | |
| Amazon | Amazon Linux 2 | |
| Microsoft | Microsoft Windows Server 2019 | |
| Microsoft | Microsoft Windows Server 2022 | |
| Microsoft | Microsoft Windows 10 Version 22H2 | |
| Microsoft | Microsoft Windows Server 2016 | |
| Microsoft | Microsoft Windows 11 version 21H2 | |
| Microsoft | Microsoft Windows Server 2008 R2 SP1 | |
| Xerox | Xerox FreeFlow Print Server v7 for Solaris | |
| Microsoft | Microsoft Windows 10 | |
| Microsoft | Microsoft Windows 10 Version 1809 | |
| Microsoft | Microsoft Windows Server 2008 SP2 | |
| Hitachi | Hitachi Storage Virtual Storage Platform | |
| Fedora | Fedora Linux | |
| Microsoft | Microsoft Windows Admin Center | |
| Microsoft | Microsoft Windows 10 Version 1607 | |
| Xerox | Xerox FreeFlow Print Server v2 | |
| Microsoft | Microsoft Windows 11 Version 22H2 | |
| Microsoft | Microsoft Windows Server 2012 |
…and 2 more
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- Windows Netlogon Information Disclosure Vulnerability (circl)
- CIRCL seen: CVE-2023-21526 (circl-sighting)
- CVE-2023-32041.yara (github-yara)
- CVE-2023-32041.yara (github-yara)
- CVE-2023-32041.yara (github-yara)
- CVE-2023-32041.yara (github-yara)
- CVE-2023-32041.yara (github-yara)
Timeline
- Jul 11, 2023 CVE Published
- Jul 12, 2023 EPSS Score
- Jul 12, 2023 PoC Published
- Aug 16, 2023 EPSS Score
- Oct 18, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Jan 1, 2024 EPSS Score
- Feb 4, 2024 EPSS Score
- Apr 13, 2024 EPSS Score
- May 17, 2024 EPSS Score
- May 29, 2024 EPSS Score
- May 30, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1718.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1718 advisory
- https://www.hitachi.com/products/it/storage-solutions/sec_info/2023/07.html advisory
- https://msrc.microsoft.com/update-guide/de-DE/vulnerability/ADV230003 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2031.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2031 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-011_FFPSv7-S11_MediaInstall_Aug2023.pdf advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-012_FFPSv2_Win10_SecurityBulletin_Aug2023.pdf advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2023/08/Xerox-Security-Bulletin-XRX23-013-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2331.html advisory
- https://security.gentoo.org/glsa/202408-17 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2025-d2d3a5fa79 advisory