What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

Information published.

Information published.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

Information published.

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.

How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system where a user is running the Network Map functionality over a WiFi networking adapter, which could enable remote code execution.

Information published.

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.

How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system where a user is running the Network Map functionality over a WiFi networking adapter, which could enable remote code execution.

Information published.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) but have major impact on integrity (I:H) and on availability (A:H). What does that mean for this vulnerability?

This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that results in the service being unavailable.

Information published.

How could an attacker exploit this vulnerability?

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.

Information published.

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.

How could an attacker exploit the vulnerability?

An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution.

Information published.

How could an attacker exploit the vulnerability?

To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to a MSMQ server. This could result in remote code execution on the server side.

Information published.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Information published.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Information published.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited the vulnerability could elevate privileges and read any file on the file system with SYSTEM access permissions.

According to the CVSS metric, Integrity and Availability impact is None (I:N/A:N). What does that mean for this vulnerability?

An attacker who successfully exploits this vulnerability can only obtain read access to the system files by exploiting this vulnerability. The attacker cannot perform write or delete operations on the files.

Which credential types provided by the Azure Identity client library are affected?

The vulnerability exists in the following credential types:

• DefaultAzureCredential
• ManagedIdentityCredential

Which credential types provided by the Azure Identity client library are affected?

The vulnerability exists in the following credential types:

• ManagedIdentityApplication (.NET)
• ManagedIdentityApplication (Java)
• ManagedIdentityApplication (Node.js)

Information published.

Why is the MITRE Corporation the assigning CNA (CVE Numbering Authority)?

CVE-2023-50868 is regarding a vulnerability in DNSSEC validation where an attacker could exploit standard DNSSEC protocols intended for DNS integrity by using excessive resources on a resolver, causing a denial of service for legitimate users. MITRE created this CVE on their behalf.

Please see CVE-2023-50868 for more information.

Information published.

According to the CVSS metric, user interaction is required (UI:R) and privileges required  is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious file and convince the user to open it.

Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Wix Toolset software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
2. Click on Help and Feedback
3. Click on About Microsoft Edge

Information published.

According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?

An authorized attacker could create a malicious extension and then wait for an authenticated user to create a new Visual Studio project that uses that extension. The result is that the attacker could gain the privileges of the user.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability?

The performance can be interrupted and/or reduced, but the attacker cannot fully deny service.

Information published.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

A user would have to restart the compromised service on the server to trigger the vulnerability.

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

Information published.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

This vulnerability could be triggered when a user connects a Windows client to a malicious server.

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to have obtained low privileged code execution on target host first.

According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be on the same network segment as the target system. Traffic associated with exploitation of this vulnerability is not routable and is bound to the data link layer of the OSI model.

Information published.

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.

How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

What privileges could an attacker gain with a successful exploitation?

An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process.

This could lead to further system compromise and unauthorized actions within the network.

Information published.

Information published.

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of integrity (I:H). What does that mean for this vulnerability?

An authenticated attacker could replace valid file content with specially crafted file content.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.

Information published.