Kaspersky LabKLA20224KLA20224 Multiple vulnerabilities in Microsoft Browser
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.085 Low
EPSS
Percentile
94.3%
Detect date:
02/09/2023
Severity:
High
Description:
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions.
Affected products:
Microsoft Edge for Android
Microsoft Edge (Chromium-based)
Solution:
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Original advisories:
CVE-2023-0698
CVE-2023-0702
CVE-2023-0701
CVE-2023-0703
CVE-2023-0699
CVE-2023-23374
CVE-2023-0700
CVE-2023-0705
CVE-2023-0704
CVE-2023-0696
CVE-2023-21794
CVE-2023-0697
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2023-06976.5High
CVE-2023-07057.5Critical
CVE-2023-06968.8Critical
CVE-2023-07028.8Critical
CVE-2023-07006.5High
CVE-2023-06988.8Critical
CVE-2023-07018.8Critical
CVE-2023-07038.8Critical
CVE-2023-07046.5High
CVE-2023-06998.8Critical
CVE-2023-233748.3Critical
CVE-2023-217944.3Warning
Microsoft official advisories:
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0696
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0697
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0698
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0699
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0700
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0701
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0702
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0703
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0705
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23374
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0696
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0697
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0698
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0699
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0700
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0701
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0702
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0703
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0704
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-0705
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21794
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23374
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1
threats.kaspersky.com/en/product/Microsoft-Edge/
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.085 Low
EPSS
Percentile
94.3%