CVE-2023-29372
published 2023-06-14CVE-2023-29372: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
PriorityP350high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
1.35%
67.7th percentile
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Affected
41 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.19983 | 10.0.10240.19983 |
| microsoft | windows_10_1607 | < 10.0.14393.5989 | 10.0.14393.5989 |
| microsoft | windows_10_1809 | < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_10_21h2 | < 10.0.19044.3086 | 10.0.19044.3086 |
| microsoft | windows_10_22h2 | < 10.0.19045.3087 | 10.0.19045.3087 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.19983 | 10.0.10240.19983 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.5989 | 10.0.14393.5989 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.3086 | 10.0.19044.3086 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.3086 | 10.0.19045.3086 |
| microsoft | windows_11_21h2 | < 10.0.22000.2057 | 10.0.22000.2057 |
| microsoft | windows_11_22h2 | < 10.0.22621.1848 | 10.0.22621.1848 |
| microsoft | windows_11_version_21h2 | >= 10.0.0 < 10.0.22000.2057 | 10.0.22000.2057 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.1848 | 10.0.22621.1848 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.26564 | 6.1.7601.26564 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.22113 | 6.0.6003.22113 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.24314 | 6.2.9200.24314 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.21013 | 6.3.9600.21013 |
| microsoft | windows_server_2016 | < 10.0.14393.5989 | 10.0.14393.5989 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.5989 | 10.0.14393.5989 |
| microsoft | windows_server_2019 | < 10.0.17763.4499 | 10.0.17763.4499 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.4499 | 10.0.17763.4499 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x427-j65q-hpg8: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
ghsa_unreviewed·2023-06-14
CVE-2023-29372 [HIGH] GHSA-x427-j65q-hpg8: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
vendor_msrc·2023-06-13·CVSS 8.8
CVE-2023-29372 [HIGH] CWE-122 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
FAQ: How could an attacker exploit this vulnerability?
An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.
Microsoft WDAC OLE DB provider for SQL: Microsoft WDAC OLE DB provider for SQL
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5027222
Reference: https://support.mi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-06-14
Published