CVE-2023-36899
published 2023-08-08CVE-2023-36899: ASP.NET Elevation of Privilege Vulnerability ASP.NET Elevation of Privilege Vulnerability
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
74.29%
99.4th percentile
ASP.NET Elevation of Privilege Vulnerability
ASP.NET Elevation of Privilege Vulnerability
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_net_framework_2.0_service_pack_2 | >= 2.0.0 < 2.0.50727.8974 | 2.0.50727.8974 |
| microsoft | microsoft_net_framework_3.5_and_4.6.2 | >= 4.7.0 < 10.0.10240.20107 | 10.0.10240.20107 |
| microsoft | microsoft_net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2 | >= 3.0.0.0 < 10.0.14393.6167 | 10.0.14393.6167 |
| microsoft | microsoft_net_framework_3.5_and_4.7.2 | >= 4.7.0 < 4.7.4057.05 | 4.7.4057.05 |
| microsoft | microsoft_net_framework_3.5_and_4.8 | >= 4.8.0 < 4.8.04654.06 | 4.8.04654.06 |
| microsoft | microsoft_net_framework_3.5_and_4.8.1 | >= 4.8.1 < 4.8.09176.01 | 4.8.09176.01 |
| microsoft | microsoft_net_framework_4.6.2 | >= 4.7.0 < 4.7.04057.05 | 4.7.04057.05 |
| microsoft | microsoft_net_framework_4.6.2_4.7_4.7.1_4.7.2 | >= 4.7.0 < 4.7.04057.05 | 4.7.04057.05 |
| microsoft | microsoft_net_framework_4.8 | >= 4.8.0 < 4.8.4654.06 | 4.8.4654.06 |
| msrc | microsoft_net_framework_2.0_service_pack_2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.6.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.7.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.8 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.8.1 | — | — |
| msrc | microsoft_net_framework_4.6.2 | — | — |
| msrc | microsoft_net_framework_4.6.2_4.7_4.7.1_4.7.2 | — | — |
| msrc | microsoft_net_framework_4.8 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability requires a specific (accidental) misconfiguration of the target environment to be exploitable — focus detection on non-default ASP.NET configurations that may inadvertently expose the privilege escalation path. ↗
- →Successful exploitation grants the attacker the privileges of the application's running user account — monitor for unexpected privilege use or actions performed under the ASP.NET application pool identity. ↗
- ·Exploitation is only possible when the target ASP.NET environment is misconfigured in a specific way; default configurations are not vulnerable. ↗
- ·As of the advisory publication, the vulnerability had not been publicly disclosed or actively exploited in the wild, reducing immediate threat urgency. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvelistv58.8HIGH
vulncheck8.8HIGH
vendor_msrc8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens Telecontrol Server Basic
cisa_ics·2024-04-11
Siemens Telecontrol Server Basic
ICS Advisory
##
Siemens Telecontrol Server Basic
Release DateApril 11, 2024
Alert CodeICSA-24-102-08
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Telecontrol Server Basic
- Vulnerabilities: Inadequate Encryption Strength, Double Free, Integer Overflow or Wraparound, External Control of File Name or Path, Path Traversal, Improper Input Validation, Missing Encry
Microsoft
ASP.NET Elevation of Privilege Vulnerability
vendor_msrc·2023-08-08·CVSS 8.8
CVE-2023-36899 [HIGH] CWE-20 ASP.NET Elevation of Privilege Vulnerability
ASP.NET Elevation of Privilege Vulnerability
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
The attacker would gain the rights of the user that is running the affected application.
FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
The target environment could be accidentally configured to allow the vulnerability.
ASP.NET Core: ASP.NET Core
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5028958
Reference: https://support.microsoft.com/help/5029651
Refere
CVEList
ASP.NET Elevation of Privilege Vulnerability
cvelistv5·2023-08-08·CVSS 8.8
CVE-2023-36899 [HIGH] CWE-20 ASP.NET Elevation of Privilege Vulnerability
ASP.NET Elevation of Privilege Vulnerability
ASP.NET Elevation of Privilege Vulnerability
VulnCheck
Microsoft .NET Framework Improper Input Validation
vulncheck·2023·CVSS 8.8
CVE-2023-36899 [HIGH] Microsoft .NET Framework Improper Input Validation
Microsoft .NET Framework Improper Input Validation
ASP.NET Elevation of Privilege Vulnerability
Affected: Microsoft .NET Framework
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://fortiguard.fortinet.com/outbreak-alert/iran-linked-cyber-attacks
Exploit PoC: https://vulncheck.com/xdb/1b87c619aebf
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-08-08
Published
Exploited in the wild