Fortra VM will include these Microsoft Patch Tuesday checks in the NIRV 4.31.0 and Agent 2.1 releases. Microsoft addressed 58 vulnerabilities in this release, including 3 rated as Critical and 15 Remote Code Execution vulnerabilities. This release includes three vulnerabilities that have been exploited in the wild along with three vulnerabilities that have been publicly disclosed before Patch Tuesday.
The previously publicly disclosed vulnerabilities include CVE-2023-36413, CVE-2023-36038 and CVE-2023-36033.
The following vulnerabilities have been exploited in the wild:
- Both CVE-2023-36036 and CVE-2023-36033 are Elevation of Privilege vulnerabilities that could result in an attacker escalating privilege to SYSTEM on a vulnerable host.
- Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-36025)
  - According to Microsoft, this Security Feature Bypass would allow an attacker to bypass the Windows Defender SmartScreen checks and associated prompts after tricking a user into clicking on a crafted Internet Shortcut (.URL) file or hyperlink to an Internet Shortcut file.

CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
--- | --- | --- | --- | --- | --- | --- | --- |
CVE-2023-38151 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | Azure | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36719 | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | Microsoft Windows Speech | Important | 8.4 | Elevation of Privilege | No | No |
CVE-2023-36705 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36560 | ASP.NET Security Feature Bypass Vulnerability | ASP.NET | Important | 8.8 | Security Feature Bypass | No | No |
CVE-2023-36437 | Azure DevOps Server Remote Code Execution Vulnerability | Azure DevOps | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36428 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Windows Authentication Methods | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36427 | Windows Hyper-V Elevation of Privilege Vulnerability | Windows Hyper-V | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36425 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Windows Distributed File System (DFS) | Important | 8 | Remote Code Execution | No | No |
CVE-2023-36424 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36423 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Microsoft Remote Registry Service | Important | 7.2 | Remote Code Execution | No | No |
CVE-2023-36422 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Windows Defender | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36413 | Microsoft Office Security Feature Bypass Vulnerability | Microsoft Office | Important | 6.5 | Security Feature Bypass | No | Yes |
CVE-2023-36410 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | Azure | Critical | 8.6 | Information Disclosure | No | No |
CVE-2023-36043 | Open Management Infrastructure Information Disclosure Vulnerability | Open Management Infrastructure | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36036 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | Yes | No |
CVE-2023-36017 | Windows Scripting Engine Memory Corruption Vulnerability | Windows Scripting | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36007 | Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
CVE-2023-38177 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 6.1 | Remote Code Execution | No | No |
CVE-2023-36558 | ASP.NET Core - Security Feature Bypass Vulnerability | ASP.NET | Important | 6.2 | Security Feature Bypass | No | No |
CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
CVE-2023-36408 | Windows Hyper-V Elevation of Privilege Vulnerability | Windows Hyper-V | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36407 | Windows Hyper-V Elevation of Privilege Vulnerability | Windows Hyper-V | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36406 | Windows Hyper-V Information Disclosure Vulnerability | Windows Hyper-V | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36405 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36404 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36403 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36402 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-36401 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | Microsoft Remote Registry Service | Important | 7.2 | Remote Code Execution | No | No |
CVE-2023-36400 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | Windows HMAC Key Derivation | Critical | 8.8 | Elevation of Privilege | No | No |
CVE-2023-36399 | Windows Storage Elevation of Privilege Vulnerability | Windows Storage | Important | 7.1 | Elevation of Privilege | No | No |
CVE-2023-36398 | Windows NTFS Information Disclosure Vulnerability | Windows NTFS | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36397 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Windows Internet Connection Sharing (ICS) | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-36396 | Windows Compressed Folder Remote Code Execution Vulnerability | Windows Compressed Folder | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36395 | Windows Deployment Services Denial of Service Vulnerability | Windows Deployment Services | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36394 | Windows Search Service Elevation of Privilege Vulnerability | Microsoft Windows Search Component | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-36393 | Windows User Interface Application Core Remote Code Execution Vulnerability | Tablet Windows User Interface | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36392 | DHCP Server Service Denial of Service Vulnerability | Windows DHCP Server | Important | 7.5 | Denial of Service | No | No |
CVE-2023-36046 | Windows Authentication Denial of Service Vulnerability | Windows Authentication Methods | Important | 7.1 | Denial of Service | No | No |
CVE-2023-36047 | Windows Authentication Elevation of Privilege Vulnerability | Windows Authentication Methods | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-36049 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | .NET Framework | Important | 7.6 | Elevation of Privilege | No | No |
CVE-2023-24023 | Mitre: CVE-2023-24023 Bluetooth Vulnerability | Microsoft Bluetooth Driver | Important | N/A | Spoofing | No | No |
CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server | Important | 8 | Spoofing | No | No |
CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server | Important | 8 | Spoofing | No | No |
CVE-2023-36041 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36042 | Visual Studio Denial of Service Vulnerability | Visual Studio | Important | 6.2 | Denial of Service | No | No |
CVE-2023-36045 | Microsoft Office Graphics Remote Code Execution Vulnerability | Microsoft Office | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36037 | Microsoft Excel Security Feature Bypass Vulnerability | Microsoft Office Excel | Important | 7.8 | Security Feature Bypass | No | No |
CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability | ASP.NET | Important | 8.2 | Denial of Service | No | Yes |
CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server | Important | 8 | Spoofing | No | No |
CVE-2023-36028 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | Windows Protected EAP (PEAP) | Important | 9.8 | Remote Code Execution | No | No |
CVE-2023-36030 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | Microsoft Dynamics 365 Sales | Important | 6.1 | Spoofing | No | No |
CVE-2023-36031 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
CVE-2023-36033 | Windows DWM Core Library Elevation of Privilege Vulnerability | Windows DWM Core Library | Important | 7.8 | Elevation of Privilege | Yes | Yes |
CVE-2023-36021 | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | Azure | Important | 8 | Security Feature Bypass | No | No |
CVE-2023-36025 | Windows SmartScreen Security Feature Bypass Vulnerability | Windows SmartScreen | Important | 8.8 | Security Feature Bypass | Yes | No |
CVE-2023-36016 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 6.2 | Spoofing | No | No |
CVE-2023-36018 | Visual Studio Code Jupyter Extension Spoofing Vulnerability | Visual Studio Code | Important | 7.8 | Spoofing | No | No |