Patch Tuesday Update - November 2023

By Vulnerability Research Team

Fortra VM will include these Microsoft Patch Tuesday checks in the NIRV 4.31.0 and Agent 2.1 releases. Microsoft addressed 58 vulnerabilities in this release, including 3 rated as Critical and 15 Remote Code Execution vulnerabilities. This release includes three vulnerabilities that have been exploited in the wild along with three vulnerabilities that have been publicly disclosed before Patch Tuesday.

The previously publicly disclosed vulnerabilities include CVE-2023-36413, CVE-2023-36038 and CVE-2023-36033.

The following vulnerabilities have been exploited in the wild:

    • Both CVE-2023-36036 and CVE-2023-36033 are Elevation of Privilege vulnerabilities that could result in an attacker escalating privilege to SYSTEM on a vulnerable host.
    • Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-36025)
      • According to Microsoft, this Security Feature Bypass would allow an attacker to bypass the Windows Defender SmartScreen checks and associated prompts after tricking a user into clicking on a crafted Internet Shortcut (.URL) file or hyperlink to an Internet Shortcut file.
CVE/Advisory Title Tag Microsoft Severity Rating Base Score Microsoft Impact Exploited Publicly Disclosed
CVE-2023-38151 Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability Azure Important 8.8 Remote Code Execution No No
CVE-2023-36719 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability Microsoft Windows Speech Important 8.4 Elevation of Privilege No No
CVE-2023-36705 Windows Installer Elevation of Privilege Vulnerability Windows Installer Important 7.8 Elevation of Privilege No No
CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability ASP.NET Important 8.8 Security Feature Bypass No No
CVE-2023-36437 Azure DevOps Server Remote Code Execution Vulnerability Azure DevOps Important 8.8 Remote Code Execution No No
CVE-2023-36428 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Windows Authentication Methods Important 5.5 Information Disclosure No No
CVE-2023-36427 Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Important 7 Elevation of Privilege No No
CVE-2023-36425 Windows Distributed File System (DFS) Remote Code Execution Vulnerability Windows Distributed File System (DFS) Important 8 Remote Code Execution No No
CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Important 7.8 Elevation of Privilege No No
CVE-2023-36423 Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Important 7.2 Remote Code Execution No No
CVE-2023-36422 Microsoft Windows Defender Elevation of Privilege Vulnerability Windows Defender Important 7.8 Elevation of Privilege No No
CVE-2023-36413 Microsoft Office Security Feature Bypass Vulnerability Microsoft Office Important 6.5 Security Feature Bypass No Yes
CVE-2023-36410 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics Important 7.6 Spoofing No No
CVE-2023-36052 Azure CLI REST Command Information Disclosure Vulnerability Azure Critical 8.6 Information Disclosure No No
CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability Open Management Infrastructure Important 6.5 Information Disclosure No No
CVE-2023-36036 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Important 7.8 Elevation of Privilege Yes No
CVE-2023-36017 Windows Scripting Engine Memory Corruption Vulnerability Windows Scripting Important 8.8 Remote Code Execution No No
CVE-2023-36007 Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability Microsoft Dynamics Important 7.6 Spoofing No No
CVE-2023-38177 Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft Office SharePoint Important 6.1 Remote Code Execution No No
CVE-2023-36558 ASP.NET Core - Security Feature Bypass Vulnerability ASP.NET Important 6.2 Security Feature Bypass No No
CVE-2023-36439 Microsoft Exchange Server Remote Code Execution Vulnerability Microsoft Exchange Server Important 8 Remote Code Execution No No
CVE-2023-36408 Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Important 7.8 Elevation of Privilege No No
CVE-2023-36407 Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Important 7.8 Elevation of Privilege No No
CVE-2023-36406 Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Important 5.5 Information Disclosure No No
CVE-2023-36405 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Important 7 Elevation of Privilege No No
CVE-2023-36404 Windows Kernel Information Disclosure Vulnerability Windows Kernel Important 5.5 Information Disclosure No No
CVE-2023-36403 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Important 7 Elevation of Privilege No No
CVE-2023-36402 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Important 8.8 Remote Code Execution No No
CVE-2023-36401 Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Important 7.2 Remote Code Execution No No
CVE-2023-36400 Windows HMAC Key Derivation Elevation of Privilege Vulnerability Windows HMAC Key Derivation Critical 8.8 Elevation of Privilege No No
CVE-2023-36399 Windows Storage Elevation of Privilege Vulnerability Windows Storage Important 7.1 Elevation of Privilege No No
CVE-2023-36398 Windows NTFS Information Disclosure Vulnerability Windows NTFS Important 6.5 Information Disclosure No No
CVE-2023-36397 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Windows Internet Connection Sharing (ICS) Critical 9.8 Remote Code Execution No No
CVE-2023-36396 Windows Compressed Folder Remote Code Execution Vulnerability Windows Compressed Folder Important 7.8 Remote Code Execution No No
CVE-2023-36395 Windows Deployment Services Denial of Service Vulnerability Windows Deployment Services Important 7.5 Denial of Service No No
CVE-2023-36394 Windows Search Service Elevation of Privilege Vulnerability Microsoft Windows Search Component Important 7 Elevation of Privilege No No
CVE-2023-36393 Windows User Interface Application Core Remote Code Execution Vulnerability Tablet Windows User Interface Important 7.8 Remote Code Execution No No
CVE-2023-36392 DHCP Server Service Denial of Service Vulnerability Windows DHCP Server Important 7.5 Denial of Service No No
CVE-2023-36046 Windows Authentication Denial of Service Vulnerability Windows Authentication Methods Important 7.1 Denial of Service No No
CVE-2023-36047 Windows Authentication Elevation of Privilege Vulnerability Windows Authentication Methods Important 7.8 Elevation of Privilege No No
CVE-2023-36049 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET Framework Important 7.6 Elevation of Privilege No No
CVE-2023-24023 Mitre: CVE-2023-24023 Bluetooth Vulnerability Microsoft Bluetooth Driver Important N/A Spoofing No No
CVE-2023-36050 Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server Important 8 Spoofing No No
CVE-2023-36039 Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server Important 8 Spoofing No No
CVE-2023-36041 Microsoft Excel Remote Code Execution Vulnerability Microsoft Office Excel Important 7.8 Remote Code Execution No No
CVE-2023-36042 Visual Studio Denial of Service Vulnerability Visual Studio Important 6.2 Denial of Service No No
CVE-2023-36045 Microsoft Office Graphics Remote Code Execution Vulnerability Microsoft Office Important 7.8 Remote Code Execution No No
CVE-2023-36037 Microsoft Excel Security Feature Bypass Vulnerability Microsoft Office Excel Important 7.8 Security Feature Bypass No No
CVE-2023-36038 ASP.NET Core Denial of Service Vulnerability ASP.NET Important 8.2 Denial of Service No Yes
CVE-2023-36035 Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server Important 8 Spoofing No No
CVE-2023-36028 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Windows Protected EAP (PEAP) Important 9.8 Remote Code Execution No No
CVE-2023-36030 Microsoft Dynamics 365 Sales Spoofing Vulnerability Microsoft Dynamics 365 Sales Important 6.1 Spoofing No No
CVE-2023-36031 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics Important 7.6 Spoofing No No
CVE-2023-36033 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Important 7.8 Elevation of Privilege Yes Yes
CVE-2023-36021 Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability Azure Important 8 Security Feature Bypass No No
CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen Important 8.8 Security Feature Bypass Yes No
CVE-2023-36016 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics Important 6.2 Spoofing No No
CVE-2023-36018 Visual Studio Code Jupyter Extension Spoofing Vulnerability Visual Studio Code Important 7.8 Spoofing No No

Quickly Find and Fix Your Most At-Risk Weaknesses

Watch this demo to see how Fortra VM can help.

WATCH THE VIDEO

Share This