Today’s Patch Tuesday brings us 74 new CVEs which contain 6 criticals. Not that bad, so let’s briefly review them!
CVE-2023-35385 / CVE-2023-36910 / CVE-2023-36911 – Microsoft Message Queuing Remote Code Execution Vulnerability
We are starting with 3 critical bugs (9.8) which are very similar to bugs from the past 4 months – these bugs could allow a remote, unauthenticated attacker to run their code with elevated privileges on affected servers with the Message Queuing service enabled. And again, you can block TCP port 1801 as mitigation, but the better choice is to test and deploy the update quickly. You can also check on which server the Message Queuing service is enabled using a script from June.
CVE-2023-29328 / CVE-2023-29330 – Microsoft Teams Remote Code Execution Vulnerability
2 similar bugs in Teams, both rated as critical (8.8). These bugs allow an attacker to gain code execution on a target system by convincing someone to join a malicious Teams meeting set up by the attacker.
CVE-2023-36895 – Microsoft Outlook Remote Code Execution Vulnerability
The last critical (7.8) bug this month is related to the Outlook app. Usually, these kinds of bugs are rated as important, unless the attack vector is the Preview Pane. This time Microsoft doesn’t provide many details, so it’s a bit mysterious why it’s critical. If you don’t want to experience it for yourself, just consider patching 🙂
CVE-2023-21709 – Microsoft Exchange Server Elevation of Privilege Vulnerability
This one is surprisingly only rated as important, but still with a score of 9.8! This vulnerability allows a remote, unauthenticated attacker to log in as another user. In my opinion, this one should be patched ASAP.
We have also 5 other bugs in Exchange – 4 RCE + 1 spoofing which was bypassed 3 times and the original spoofing bug is under active exploitation. Definitely act accordingly!
Summary
Quite a calm month, except for these Exchange bugs, which are quite hidden this time…
Below you can see the most important CVEs released by Microsoft in August 2023 (criticals, and with CVSS at least 8.0). Besides the vulnerabilities already mentioned, you can find also info about bugs in OLE DB / ODBC driver, Bluetooth, Fax service, Azure Arc, .NET & Visual Studio, or SharePoint.
CVE Number | CVE Title | Severity (CVSS score) | Attack Vector | Attack Complexity | Privileges Required | User interaction | Exploit Code Maturity | Applicable for |
---|---|---|---|---|---|---|---|---|
CVE-2023-35385 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical (9.8) | Network | Low | None | Required | Unproven | Windows 10+ Windows Server 2008+ |
CVE-2023-36910 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical (9.8) | Network | Low | None | Required | Unproven | Windows 10+ Windows Server 2008+ |
CVE-2023-36911 | Microsoft Message Queuing Remote Code Execution Vulnerability | Critical (9.8) | Network | Low | None | Required | Unproven | Windows 10+ Windows Server 2008+ |
CVE-2023-29328 | Microsoft Teams Remote Code Execution Vulnerability | Critical (8.8) | Network | Low | None | Required | Unproven | Microsoft Teams |
CVE-2023-29330 | Microsoft Teams Remote Code Execution Vulnerability | Critical (8.8) | Network | Low | None | Required | Unproven | Microsoft Teams |
CVE-2023-36895 | Microsoft Outlook Remote Code Execution Vulnerability | Critical (7.8) | Local | Low | None | Required | Unproven | Office 2013, 2016, 2019 Office LTSC 2021 Microsoft 365 Apps |
CVE-2023-21709 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important (9.8) | Network | Low | None | None | Unproven | Exchange 2016 CU23 Exchange 2019 CU12+ |
CVE-2023-35368 | Microsoft Exchange Remote Code Execution Vulnerability | Important (8.8) | Adjacent | Low | None | None | Unproven | Exchange 2016 CU23 Exchange 2019 CU12+ |
CVE-2023-38181 | Microsoft Exchange Server Spoofing Vulnerability | Important (8.8) | Network | Low | Low | Required | Unproven | Exchange 2016 CU23 Exchange 2019 CU12+ |
CVE-2023-38185 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important (8.8) | Network | Low | Low | Required | Unproven | Exchange 2016 CU23 Exchange 2019 CU12+ |
CVE-2023-35388 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important (8.0) | Adjacent | Low | Low | None | Unproven | Exchange 2016 CU23 Exchange 2019 CU12+ |
CVE-2023-38182 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important (8.0) | Adjacent | Low | Low | None | Unproven | Exchange 2016 CU23 Exchange 2019 CU12+ |
CVE-2023-38169 | Microsoft OLE DB Remote Code Execution Vulnerability | Important (8.8) | Network | Low | None | Required | Unproven | ODBC Driver 17, 18 OLE DB Driver 18, 19 SQL Server 2019, 2022 |
CVE-2023-36882 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important (8.8) | Network | Low | None | Required | Unproven | Windows 10+ Windows Server 2008+ |
CVE-2023-35387 | Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability | Important (8.8) | Adjacent | Low | None | Required | Unproven | Windows 10+ Windows Server 2012-2019 |
CVE-2023-35381 | Windows Fax Service Remote Code Execution Vulnerability | Important (8.8) | Network | Low | None | Required | Unproven | Windows 10+ Windows Server 2008+ |
CVE-2023-38176 | Azure Arc-Enabled Servers Elevation of Privilege Vulnerability | Important (8.5) | Local | High | Low | None | Unproven | Azure Arc-Enabled Servers |
CVE-2023-35390 | .NET and Visual Studio Remote Code Execution Vulnerability | Important (8.4) | Local | Low | None | None | PoC | .NET 6.0, 7.0 Visual Studio 2022 17.2+ |
CVE-2023-36891 | Microsoft SharePoint Server Spoofing Vulnerability | Important (8.0) | Network | Low | Low | Required | Unproven | SharePoint Server 2019, SharePoint Server Subscription Edition |
CVE-2023-36892 | Microsoft SharePoint Server Spoofing Vulnerability | Important (8.0) | Network | Low | Low | Required | Unproven | SharePoint Server 2019, SharePoint Server Subscription Edition |
- Microsoft Patch Tuesday – January 2024 - January 10, 2024
- Microsoft Patch Tuesday – November 2023 - November 15, 2023
- Microsoft Patch Tuesday – October 2023 - October 11, 2023