Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0022
Vulnerability from certfr_avis - Published: 2023-01-11 - Updated: 2023-01-11
De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer un déni de service, une élévation de privilèges, un contournement de la fonctionnalité de sécurité, une atteinte à la confidentialité des données et une exécution de code à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2022 | ||
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Malicious Software Removal Tool 32 bits | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 20H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows RT 8.1 | ||
| Microsoft | Windows | Windows 7 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 20H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 | ||
| Microsoft | Windows | Windows Malicious Software Removal Tool 64 bits | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 8.1 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows 10 Version 20H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 8.1 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 7 pour systèmes 32 bits Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2022",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Malicious Software Removal Tool 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 20H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows RT 8.1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 20H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Malicious Software Removal Tool 64 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 8.1 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 20H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 8.1 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21527"
},
{
"name": "CVE-2023-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21525"
},
{
"name": "CVE-2023-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21760"
},
{
"name": "CVE-2023-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21556"
},
{
"name": "CVE-2023-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21724"
},
{
"name": "CVE-2023-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21766"
},
{
"name": "CVE-2023-21532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21532"
},
{
"name": "CVE-2023-21563",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21563"
},
{
"name": "CVE-2023-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21726"
},
{
"name": "CVE-2023-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21755"
},
{
"name": "CVE-2023-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21678"
},
{
"name": "CVE-2023-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21753"
},
{
"name": "CVE-2023-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21754"
},
{
"name": "CVE-2023-21550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21550"
},
{
"name": "CVE-2023-21747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21747"
},
{
"name": "CVE-2023-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21536"
},
{
"name": "CVE-2023-21730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21730"
},
{
"name": "CVE-2023-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21541"
},
{
"name": "CVE-2023-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21546"
},
{
"name": "CVE-2023-21535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21535"
},
{
"name": "CVE-2023-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21732"
},
{
"name": "CVE-2023-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21772"
},
{
"name": "CVE-2023-21774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21774"
},
{
"name": "CVE-2023-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21750"
},
{
"name": "CVE-2023-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21547"
},
{
"name": "CVE-2023-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21746"
},
{
"name": "CVE-2023-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21540"
},
{
"name": "CVE-2023-21771",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21771"
},
{
"name": "CVE-2023-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21767"
},
{
"name": "CVE-2023-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21681"
},
{
"name": "CVE-2023-21560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21560"
},
{
"name": "CVE-2023-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21776"
},
{
"name": "CVE-2023-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21758"
},
{
"name": "CVE-2023-21561",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21561"
},
{
"name": "CVE-2023-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21759"
},
{
"name": "CVE-2023-21524",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21524"
},
{
"name": "CVE-2023-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21749"
},
{
"name": "CVE-2023-21548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21548"
},
{
"name": "CVE-2023-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21683"
},
{
"name": "CVE-2023-21552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21552"
},
{
"name": "CVE-2023-21677",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21677"
},
{
"name": "CVE-2023-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21674"
},
{
"name": "CVE-2023-21543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21543"
},
{
"name": "CVE-2023-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21675"
},
{
"name": "CVE-2023-21558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21558"
},
{
"name": "CVE-2023-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21539"
},
{
"name": "CVE-2023-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21768"
},
{
"name": "CVE-2023-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21537"
},
{
"name": "CVE-2023-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21725"
},
{
"name": "CVE-2023-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21680"
},
{
"name": "CVE-2023-21679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21679"
},
{
"name": "CVE-2023-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21773"
},
{
"name": "CVE-2023-21752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21752"
},
{
"name": "CVE-2023-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21748"
},
{
"name": "CVE-2023-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21682"
},
{
"name": "CVE-2023-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21739"
},
{
"name": "CVE-2023-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21555"
},
{
"name": "CVE-2023-21757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21757"
},
{
"name": "CVE-2023-21542",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21542"
},
{
"name": "CVE-2023-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21733"
},
{
"name": "CVE-2023-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21765"
},
{
"name": "CVE-2023-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21728"
},
{
"name": "CVE-2023-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21559"
},
{
"name": "CVE-2023-21551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21551"
},
{
"name": "CVE-2023-21549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21549"
},
{
"name": "CVE-2023-21557",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21557"
},
{
"name": "CVE-2023-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21676"
}
],
"initial_release_date": "2023-01-11T00:00:00",
"last_revision_date": "2023-01-11T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21549 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21549"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21753 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21753"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21758 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21758"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21773 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21773"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21560 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21560"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21755 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21755"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21749 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21749"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21765 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21765"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21726 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21726"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21776 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21776"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21728 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21728"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21557 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21557"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21563 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21563"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21680 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21680"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21539 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21539"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21678 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21678"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21681 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21681"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21551 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21551"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21682 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21682"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21766 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21766"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21759 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21759"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21532 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21532"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21558 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21561 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21561"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21739 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21739"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21675 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21675"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21525 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21525"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21536 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21536"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21750 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21750"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21679 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21679"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21732 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21732"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21535 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21535"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21552 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21552"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21768 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21768"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21730 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21730"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21546 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21546"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21559 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21559"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21772 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21772"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21543 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21543"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21748 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21748"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21527 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21527"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21547 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21547"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21550 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21550"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21754 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21754"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21524 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21524"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21683 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21683"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21747 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21747"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21733 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21733"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21746 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21746"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21724 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21724"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21548 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21548"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21537 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21537"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21677 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21677"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21725 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21725"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21760 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21760"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21767 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21767"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21542 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21542"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21752 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21752"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21674 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21556 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21774 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21774"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21540 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21540"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21676 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21676"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21757 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21757"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21541 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21541"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21555 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21555"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21771 du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21771"
}
],
"reference": "CERTFR-2023-AVI-0022",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un d\u00e9ni de service, une \u00e9l\u00e9vation de privil\u00e8ges, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une ex\u00e9cution de code \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 10 janvier 2023",
"url": "https://msrc.microsoft.com/update-guide/"
}
]
}
CVE-2023-21556 (GCVE-0-2023-21556)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Summary
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T18:04:35.659833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T18:04:53.315Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:40.263Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556"
}
],
"title": "Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21556",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:40.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21557 (GCVE-0-2023-21557)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Summary
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Severity
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21557"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:40.779Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21557"
}
],
"title": "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21557",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:40.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21558 (GCVE-0-2023-21558)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
Windows Error Reporting Service Elevation of Privilege Vulnerability
Summary
Windows Error Reporting Service Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
19 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Error Reporting Service Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21558",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T18:46:43.535034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T18:47:22.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Error Reporting Service Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:41.334Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Error Reporting Service Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558"
}
],
"title": "Windows Error Reporting Service Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21558",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:41.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21559 (GCVE-0-2023-21559)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
Windows Cryptographic Information Disclosure Vulnerability
Summary
Windows Cryptographic Information Disclosure Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Cryptographic Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21559"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T18:46:02.715063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T18:46:18.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Cryptographic Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:41.933Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Cryptographic Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21559"
}
],
"title": "Windows Cryptographic Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21559",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:41.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21560 (GCVE-0-2023-21560)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
Windows Boot Manager Security Feature Bypass Vulnerability
Summary
Windows Boot Manager Security Feature Bypass Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-29T15:52:02.569305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:51.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Boot Manager Security Feature Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21560"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Boot Manager Security Feature Bypass Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:42.535Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Boot Manager Security Feature Bypass Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21560"
}
],
"title": "Windows Boot Manager Security Feature Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21560",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:42.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21561 (GCVE-0-2023-21561)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
Summary
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
Severity
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Cryptographic Services Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21561"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Cryptographic Services Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:43.142Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Cryptographic Services Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21561"
}
],
"title": "Microsoft Cryptographic Services Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21561",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:43.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21563 (GCVE-0-2023-21563)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI
EPSS
Title
BitLocker Security Feature Bypass Vulnerability
Summary
BitLocker Security Feature Bypass Vulnerability
Severity
CWE
- Security Feature Bypass
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "BitLocker Security Feature Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21563"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "BitLocker Security Feature Bypass Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Feature Bypass",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:43.599Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "BitLocker Security Feature Bypass Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21563"
}
],
"title": "BitLocker Security Feature Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21563",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:35:43.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21674 (GCVE-0-2023-21674)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-10-21 23:15
VLAI
EPSS
Title
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Summary
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21674",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T20:55:54.364761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-01-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21674"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:28.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21674"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-10T00:00:00.000Z",
"value": "CVE-2023-21674 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:02.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:44.124Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674"
}
],
"title": "Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21674",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-13T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:28.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21675 (GCVE-0-2023-21675)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI
EPSS
Title
Windows Kernel Elevation of Privilege Vulnerability
Summary
Windows Kernel Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T18:55:35.805463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T18:55:45.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:02.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Kernel Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:21.956Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Kernel Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21675"
}
],
"title": "Windows Kernel Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21675",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-13T00:00:00.000Z",
"dateUpdated": "2025-01-01T00:36:21.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21676 (GCVE-0-2023-21676)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-04-12 03:55
VLAI
EPSS
Title
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Summary
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Remote Code Execution
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21676",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-01-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-12T03:55:12.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:02.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21676"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:44.680Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21676"
}
],
"title": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21676",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-13T00:00:00.000Z",
"dateUpdated": "2025-04-12T03:55:12.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…