Jun 11, 2024 - 12:00 a.m.

KLA68914 Multiple vulnerabilities in Microsoft Products (ESU)

2024-06-11 00:00:00
Kaspersky Lab
threats.kaspersky.com
microsoft
esu
denial of service
code execution
remote exploit
privilege escalation
dns
msmq
win32k
kernel-mode driver
wi-fi driver
link layer
streaming service
winlogon
storage management
win32 kernel
rras
ole
dfs
themes
dhcp server

CVSS3: 9.8 High

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9 High (Confidence: High)

EPSS: 0.003 Low (Percentile: 71.9%)

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, and gain privileges.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in DNS protocol can be exploited remotely to cause denial of service.
  2. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
  3. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  4. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
  5. A remote code execution vulnerability in Windows Wi-Fi Driver can be exploited remotely to execute arbitrary code.
  6. A remote code execution vulnerability in Windows Link Layer Topology Discovery Protocol can be exploited remotely to execute arbitrary code.
  7. An elevation of privilege vulnerability in Microsoft Streaming Service can be exploited remotely to gain privileges.
  8. An elevation of privilege vulnerability in Winlogon can be exploited remotely to gain privileges.
  9. A remote code execution vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to execute arbitrary code.
  10. An elevation of privilege vulnerability in Windows Storage can be exploited remotely to gain privileges.
  11. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
  12. A denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
  13. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  14. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
  15. A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
  16. A denial of service vulnerability in Windows Themes can be exploited remotely to cause denial of service.
  17. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.

Original advisories

CVE-2023-50868

CVE-2024-30080

CVE-2024-30091

CVE-2024-35250

CVE-2024-30084

CVE-2024-30078

CVE-2024-30075

CVE-2024-30090

CVE-2024-30066

CVE-2024-30062

CVE-2024-30093

CVE-2024-30087

CVE-2024-30086

CVE-2024-30083

CVE-2024-30095

CVE-2024-30067

CVE-2024-30077

CVE-2024-30082

CVE-2024-30094

CVE-2024-30063

CVE-2024-30074

CVE-2024-30065

CVE-2024-30070

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Endpoint-Configuration-Manager

CVE list

CVE-2023-50868 warning

CVE-2024-30080 critical

CVE-2024-30091 critical

CVE-2024-35250 critical

CVE-2024-30084 high

CVE-2024-30078 critical

CVE-2024-30075 critical

CVE-2024-30090 high

CVE-2024-30066 high

CVE-2024-30062 critical

CVE-2024-30093 high

CVE-2024-30087 critical

CVE-2024-30086 critical

CVE-2024-30083 critical

CVE-2024-30095 critical

CVE-2024-30067 high

CVE-2024-30077 critical

CVE-2024-30082 critical

CVE-2024-30094 critical

CVE-2024-30063 high

CVE-2024-30074 critical

CVE-2024-30065 high

CVE-2024-30070 critical

KB list

5039260

5039289

5039266

5039294

5039245

5039274

Solution

Install the necessary updates from the KB list that are offered in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an abuser to execute any code or commands on a vulnerable machine or in a vulnerable process.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can allow an abuser to perform actions that are normally disallowed for the current role.

Affected Products

  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2012 R2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2012 R2 (Server Core installation)
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
