Msrc Windows 11 Version 22H2 vulnerabilities

CVE-2023-23422 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software R

CVE-2023-24868 [HIGH] CWE-122 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsof

CVE-2023-24876 [HIGH] CWE-122 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsof

CVE-2023-24910 [HIGH] CWE-476 Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit

CVE-2023-24861 [HIGH] CWE-367 Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitat

CVE-2023-24872 [HIGH] CWE-125 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsof

CVE-2023-23421 [HIGH] CWE-416 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest So

CVE-2023-24867 [HIGH] CWE-122 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsof

CVE-2023-23423 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software R

CVE-2023-23407 [HIGH] CWE-591 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: According to the CVSS score, the attack vector is adjacent (AV:A). What do

CVE-2023-24858 [HIGH] CWE-126 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal user permission

CVE-2023-24913 [HIGH] CWE-122 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsof

CVE-2023-23410 [HIGH] CWE-190 Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows HTTP.sys: Windows HTTP.sys Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;L

CVE-2023-24856 [HIGH] CWE-20 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsoft Customer Acti

CVE-2023-24864 [HIGH] CWE-191 Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal user permiss

CVE-2023-24869 [HIGH] CWE-190 Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. FAQ: According to the CVSS metric, the attack comp

CVE-2023-23385 [HIGH] CWE-190 Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. FAQ: What privileg

CVE-2023-24908 [HIGH] CWE-190 Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service. FAQ: According to the CVSS metric, the attack comp

CVE-2023-24909 [HIGH] CWE-190 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal privileges could send a modified XPS file to a shared printer, which can result in a remote code execution. Microsoft PostScript Printer Driver: Microsoft PostScript Printer Driver Microsoft: Microsof

CVE-2023-24859 [HIGH] CWE-476 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows Internet Key Exchange (IKE) Protocol: Windows Internet Key Exchange (IKE) Protocol Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.updat