Windows Snip & Sketch/ Snipping Tool CVE-2023-28303 (Acropalypse)

2023-06-1300:00:00

www.tenable.com

160

3.7 Low

AI Score

Confidence

High

JSON

An information disclosure vulnerability exists in Windows Snip & Sketch (Windows 10) and Snipping Tool (Windows 11) where parts of a cropped image that were to be removed are not completely deleted and can be restored if saved to the cropped image file.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(177217);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");

  script_cve_id("CVE-2023-28303");

  script_name(english:"Windows Snip & Sketch/ Snipping Tool CVE-2023-28303 (Acropalypse)");

  script_set_attribute(attribute:"synopsis", value:
"The remote windows host has an application installed that is affected by an information disclosure vulnerability.");
  script_set_attribute(attribute:"description", value:
"An information disclosure vulnerability exists in Windows Snip & Sketch (Windows 10) and Snipping Tool (Windows 11) 
where parts of a cropped image that were to be removed are not completely deleted and can be restored if saved to the 
cropped image file.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   
number.");
  # https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28303
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ad297874");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Snip & Sketch 10.2008.3001.0 for Windows 10, Snipping Tool 11.2302.20.0 for Windows 11, or later.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-28303");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/03/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/06/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:snip_and_sketch");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_hotfixes.nasl", "wmi_enum_windows_app_store.nbin");
  script_require_keys("SMB/Registry/Enumerated", "WMI/Windows App Store/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

var apps = ['Microsoft.ScreenSketch'];

var app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);

vcf::check_granularity(app_info:app_info, sig_segments:3);

var constraints;
var host_os = get_kb_item('WMI/Host/OS');

if (host_os =~ 'Windows 10')
{
  constraints = [
    {'fixed_version': '10.2008.3001.0'}
  ];
} 
else if (host_os =~ 'Windows 11')
{
  constraints = [
    {'fixed_version': '11.2302.20.0'}
  ]; 
}

vcf::microsoft_appstore::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);

VendorProductVersionCPE
microsoftsnip_and_sketchcpe:/a:microsoft:snip_and_sketch

Vendor	Product	Version	CPE
microsoft	snip_and_sketch		cpe:/a:microsoft:snip_and_sketch

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28303

www.nessus.org/u?ad297874

3.7 Low

AI Score

Confidence

High

JSON

Related for WINDOWS_ACROPALYPSE_CVE-2023-28303.NASL