Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently.

hivepro 1

githubexploit 7

zdt 1

metasploit 2

nessus 12

prion 2

ics 1

attackerkb 1

cve 2

mscve 2

cisa_kev 1

packetstorm 1

malwarebytes 1

securelist 9

thn 2

qualysblog 4

talosblog 2

rapid7blog 4

avleonov 2

krebs 1

trellix 2

mskb 15

kaspersky 2

openvas 8

hivepro

Cybercrime group exploits zero-day on Windows servers to deploy Nokoyawa ransomware

2023-04-12 11:17:33

githubexploit

Exploit for Vulnerability in Microsoft

2023-05-18 10:30:49

Exploit for Vulnerability in Microsoft

2024-01-01 15:30:33

Exploit for Vulnerability in Microsoft

2023-08-17 17:16:46

zdt

Windows Common Log File System Driver (clfs.sys) Privilege Escalation Exploit

2023-09-14 00:00:00

metasploit

CVE-2023-21554 - QueueJumper - MSMQ RCE Check

2023-08-10 22:34:30

Windows Common Log File System Driver (clfs.sys) Elevation of Privilege Vulnerability

2023-07-28 07:43:37

nessus

Microsoft Message Queuing RCE (CVE-2023-21554, QueueJumper)

2023-05-10 00:00:00

KB5025273: Windows Server 2008 Security Update (April 2023)

2023-04-11 00:00:00

KB5025277: Windows Server 2008 R2 Security Update (April 2023)

2023-04-11 00:00:00

prion

Remote code execution

2023-04-11 21:15:00

Privilege escalation

2023-04-11 21:15:00

ics

Mitsubishi Electric Electrical Discharge Machines (Update A)

2024-04-23 12:00:00

attackerkb

CVE-2023-28252

2023-04-11 00:00:00

cve

CVE-2023-28252

2023-04-11 21:15:25

CVE-2023-21554

2023-04-11 21:15:15

mscve

Windows Common Log File System Driver Elevation of Privilege Vulnerability

2023-04-11 07:00:00

Microsoft Message Queuing Remote Code Execution Vulnerability

2023-04-11 07:00:00

cisa_kev

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

2023-04-11 00:00:00

packetstorm

Windows Common Log File System Driver (clfs.sys) Privilege Escalation

2023-09-14 00:00:00

malwarebytes

Update now! April’s Patch Tuesday includes a fix for one zero-day

2023-04-12 10:00:00

securelist

IT threat evolution in Q2 2023

2023-08-30 10:00:05

Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

2023-12-21 10:00:01

Nokoyawa ransomware attacks with Windows zero-day

2023-04-11 17:36:20

thn

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

2023-04-12 06:38:00

Carbanak Banking Malware Resurfaces with New Ransomware Tactics

2023-12-26 07:26:00

qualysblog

Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk

2024-03-25 15:44:18

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

2023-09-26 13:04:00

Microsoft and Adobe Patch Tuesday April 2023 Security Update Review

2023-04-12 00:16:25

talosblog

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

2023-04-11 19:28:27

Threat Source newsletter (April 13, 2023) — Dark web forum whac-a-mole

2023-04-13 18:00:40

rapid7blog

Metasploit Weekly Wrap-Up

2023-09-08 18:03:17

Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023

2023-12-29 19:38:15

Metasploit Weekly Wrap-Up

2023-09-15 18:54:45

avleonov

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor

2023-04-23 23:11:58

Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP

2023-04-27 22:03:04

krebs

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

2023-04-12 00:06:51

trellix

The Bug Report – April 2023 Edition

2023-05-03 00:00:00

The Bug Report – April 2023 Edition

2023-05-03 00:00:00

mskb

April 11, 2023—KB5025273 (Security-only update)

2023-04-11 07:00:00

April 11, 2023—KB5025271 (Monthly Rollup)

2023-04-11 07:00:00

April 11, 2023—KB5025277 (Security-only update)

2023-04-11 07:00:00

kaspersky

KLA48842 Multiple vulnerabilities in Microsoft Products (ESU)

2023-04-11 00:00:00

KLA48845 Multiple vulnerabilities in Microsoft Windows

2023-04-11 00:00:00

openvas

Microsoft Windows Multiple Vulnerabilities (KB5025279)

2023-04-12 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5025234)

2023-04-12 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5025221)

2023-04-12 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.959 High

EPSS

Percentile

99.4%

JSON

Related for WIZBLOG:98476FAFC06DF60C01E5DDB2E4BE1287