CVE-2023-21758
published 2023-01-10

CVE-2023-21758: Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

Priority: P352 | Severity: high | CVSS 3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 91.60% (99.8th percentile)
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

Affected

30 ranges, showing 25

Vendor | Product | Version range | Fixed in
microsoft | windows_10 | |
microsoft | windows_10 | |
microsoft | windows_10 | |
microsoft | windows_10 | |
microsoft | windows_10 | |
microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.19685 | 10.0.10240.19685
microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.5648 | 10.0.14393.5648
microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.3887 | 10.0.17763.3887
microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.3887 | 10.0.17763.3887
microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.2486 | 10.0.19042.2486
microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.2486 | 10.0.19044.2486
microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.2486 | 10.0.19045.2486
microsoft | windows_11 | |
microsoft | windows_11 | |
microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.1455 | 10.0.22000.1455
microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.1105 | 10.0.22621.1105
microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.5648 | 10.0.14393.5648
microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.3887 | 10.0.17763.3887
microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.1487 | 10.0.20348.1487
msrc | windows_10 | |
msrc | windows_10_version_1607 | |
msrc | windows_10_version_1809 | |
msrc | windows_10_version_20h2 | |
msrc | windows_10_version_21h2 | |
msrc | windows_10_version_22h2 | |

Detection & IOCs (extracted from sources)

  • The vulnerability affects the Windows Internet Key Exchange (IKE) Extension, meaning detection should focus on anomalous or malformed IKE traffic targeting Windows systems (typically UDP port 500 and UDP port 4500 for NAT-T).
  • Customer action is required and exploitation is assessed as 'Less Likely' for both latest and older software releases, but the vulnerability is publicly disclosed — prioritize patching and monitoring IKE/IPsec service availability on exposed Windows endpoints.
  • Impact is Denial of Service against the Windows IKE Extension component; monitor for unexpected crashes or restarts of the IKE/IPsec service (ikeext.dll / IKEEXT service) on Windows hosts.
  • No exploit code, hashes, malicious domains/IPs, or specific attack payloads are disclosed in the available sources. Operational IOCs cannot be extracted from the provided documentation.
  • Remediation references point to multiple KB updates (KB5022286, KB5022291, KB5022282, KB5022287, KB5022303, KB5022297, KB5022289) covering different Windows versions; ensure the correct KB is applied per OS version.

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vendor_msrc | | 7.5 | HIGH |