Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-24941
HistoryMay 09, 2023 - 6:15 p.m.

CVE-2023-24941

2023-05-0918:15:12
CWE-908
[email protected]
web.nvd.nist.gov
305
windows
network
file system
remote code execution
vulnerability
cve-2023-24941
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.529 Medium

EPSS

Percentile

97.6%

JSON

Windows Network File System Remote Code Execution Vulnerability

Affected configurations

Vulners
NVD
Node
microsoftwindows_server_2019Range10.0.0–10.0.17763.4377
OR
microsoftwindows_server_2019Range10.0.0–10.0.17763.4377
OR
microsoftwindows_server_2022Range10.0.0–10.0.20348.1726
OR
microsoftwindows_server_2022Range10.0.0–10.0.20348.1724
OR
microsoftwindows_server_2016Range10.0.0–10.0.14393.5921
OR
microsoftwindows_server_2016Range10.0.0–10.0.14393.5921
OR
microsoftwindows_server_2012Range6.2.0–6.2.9200.24266
OR
microsoftwindows_server_2012Range6.2.0–6.2.9200.24266
OR
microsoftwindows_server_2012_r2Range6.3.0–6.3.9600.20969
OR
microsoftwindows_server_2012_r2Range6.3.0–6.3.9600.20969
VendorProductVersionCPE
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_server_2016*cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
microsoftwindows_server_2016*cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
microsoftwindows_server_2012_r2*cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*
microsoftwindows_server_2012_r2*cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2019",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4377:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.17763.4377",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2019 (Server Core installation)",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4377:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.17763.4377",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2022",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1726:*:*:*:*:*:*:*",
      "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1724:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.20348.1726",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "10.0.0",
        "lessThan": "10.0.20348.1724",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2016",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5921:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.5921",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2016 (Server Core installation)",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5921:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.5921",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2012",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24266:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.2.0",
        "lessThan": "6.2.9200.24266",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2012 (Server Core installation)",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24266:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.2.0",
        "lessThan": "6.2.9200.24266",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2012 R2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20969:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.3.0",
        "lessThan": "6.3.9600.20969",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2012 R2 (Server Core installation)",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20969:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.3.0",
        "lessThan": "6.3.9600.20969",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Related

nvd 1
cvelist 1
prion 1
mscve 1
malwarebytes 1
krebs 1
avleonov 1
talosblog 1
qualysblog 1
mskb 8
nessus 5
kaspersky 1
rapid7blog 1
nvd
nvd
CVE-2023-24941
2023-05-09 18:15:12
cvelist
cvelist
CVE-2023-24941 Windows Network File System Remote Code Execution Vulnerability
2023-05-09 17:02:53
prion
prion
Remote code execution
2023-05-09 18:15:00
mscve
mscve
Windows Network File System Remote Code Execution Vulnerability
2023-05-09 07:00:00
malwarebytes
malwarebytes
Update now! May 2023 Patch Tuesday tackles three zero-days
2023-05-10 05:00:00
krebs
krebs
Microsoft Patch Tuesday, May 2023 Edition
2023-05-10 01:19:58
avleonov
avleonov
Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE
2023-05-27 22:39:14
talosblog
talosblog
Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years
2023-05-09 17:47:29
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
mskb
mskb
May 9, 2023—KB5026419 (Monthly Rollup)
2023-05-09 07:00:00
May 9, 2023—KB5026409 (Security-only update)
2023-05-09 07:00:00
May 9, 2023—KB5026411 (Security-only update)
2023-05-09 07:00:00
nessus
nessus
KB5026409: Windows 8.1 Embedded and Windows Server 2012 R2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026411: Windows Server 2012 Security Update (May 2023)
2023-05-09 00:00:00
KB5026370: Windows 2022 / Azure Stack HCI 22H2 Security Update (May 2023)
2023-05-09 00:00:00
kaspersky
kaspersky
KLA49154 Multiple vulnerabilities in Microsoft Windows
2023-05-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2023
2023-05-09 20:02:02

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.529 Medium

EPSS

Percentile

97.6%

JSON
Related for CVE-2023-24941
nvd1cvelist1prion1mscve1malwarebytes1krebs1avleonov1talosblog1qualysblog1mskb8nessus5kaspersky1rapid7blog1