GSD-2023-21803 — Vulnetix

GSD-2023-21803 PUBLISHED CVSS 9.800000190734863 CRITICAL

Windows iSCSI Discovery Service Remote Code Execution Vulnerability

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

Vendor	Product	Versions
microsoft	windows_10_20H2	10.0.0
microsoft	windows_10_22H2	10.0.19045.0
Microsoft	Windows Server 2008 Service Pack 2	6.0.6003.0
Microsoft	Windows 10 Version 1607	10.0.14393.0
microsoft	windows_10_1607	10.0.14393.0
Microsoft	Windows Server 2008 Service Pack 2 (Server Core installation)	6.0.6003.0
Microsoft	Windows 10 Version 1809	10.0.17763.0
Microsoft	Windows 10 Version 22H2	10.0.19045.0
microsoft	windows_10_1507	10.0.10240.0
microsoft	windows_10_1809	10.0.17763.0
Microsoft	Windows 10 Version 21H2	10.0.19043.0
Microsoft	Windows 10 Version 20H2	10.0.0
microsoft	windows_10_21H2	10.0.19043.0
Microsoft	Windows 10 Version 1507	10.0.10240.0
microsoft	windows_server_2008_sp2	6.0.6003.0, 6.0.6003.0

Timeline

Feb 15, 2023 PoC Published
Apr 21, 2026 Security Advisory
Apr 21, 2026 CVE Published

References

Windows iSCSI Discovery Service Remote Code Execution Vulnerability vendor-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›