9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2023-36025 critical
CVE-2023-36392 critical
CVE-2023-36017 critical
CVE-2023-36423 critical
CVE-2023-36705 critical
CVE-2023-36398 high
CVE-2023-36425 critical
CVE-2023-36395 critical
CVE-2023-36393 critical
CVE-2023-36401 high
CVE-2023-36036 critical
CVE-2023-36428 high
CVE-2023-36402 critical
CVE-2023-36719 critical
CVE-2023-36424 critical
CVE-2023-36403 high
CVE-2023-36397 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/5032191
support.microsoft.com/kb/5032247
support.microsoft.com/kb/5032248
support.microsoft.com/kb/5032249
support.microsoft.com/kb/5032250
support.microsoft.com/kb/5032252
support.microsoft.com/kb/5032254
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36017
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36392
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36393
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36395
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36397
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36401
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36402
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36403
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36423
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36425
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36705
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36719
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%