Kaspersky ID:
KLA20233
Detect Date:
02/14/2023
Updated:
05/30/2024

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Windows Internet Storage Name Service (iSNS) Server can be exploited remotely to obtain sensitive information.
  2. A remote code execution vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to execute arbitrary code.
  3. A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
  4. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  5. A remote code execution vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to execute arbitrary code.
  6. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
  7. An information disclosure vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to obtain sensitive information.
  8. A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
  9. A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
  10. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  11. A denial of service vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to cause denial of service.
  12. An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
  13. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  14. A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
  15. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
  16. A denial of service vulnerability in Windows iSCSI Discovery Service can be exploited remotely to cause denial of service.
  17. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
  18. A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
  19. A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
  20. A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
  21. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
  22. An information disclosure vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to obtain sensitive information.
  23. An information disclosure vulnerability in HTTP.sys can be exploited remotely to obtain sensitive information.
 
 

 

 

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2023-21699
    high
  • CVE-2023-21801
    high
  • CVE-2023-21803
    critical
  • CVE-2023-21823
    high
  • CVE-2023-21689
    critical
  • CVE-2023-21690
    critical
  • CVE-2023-21817
    high
  • CVE-2023-21693
    high
  • CVE-2023-21816
    high
  • CVE-2023-21805
    high
  • CVE-2023-21812
    high
  • CVE-2023-21701
    high
  • CVE-2023-21688
    high
  • CVE-2023-21822
    high
  • CVE-2023-21820
    high
  • CVE-2023-21695
    high
  • CVE-2023-21694
    high
  • CVE-2023-21700
    high
  • CVE-2023-21685
    high
  • CVE-2023-21799
    high
  • CVE-2023-21818
    high
  • CVE-2023-21697
    high
  • CVE-2023-21811
    high
  • CVE-2023-21684
    high
  • CVE-2023-21692
    critical
  • CVE-2023-21702
    high
  • CVE-2023-23376
    high
  • CVE-2023-21686
    high
  • CVE-2023-21802
    high
  • CVE-2023-21797
    high
  • CVE-2023-21813
    high
  • CVE-2023-21798
    high
  • CVE-2023-21691
    high
  • CVE-2023-21804
    high
  • CVE-2023-21819
    high
  • CVE-2023-21687
    high

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.