Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS23_NOV_5032189.NASL
HistoryNov 14, 2023 - 12:00 a.m.

KB5032189: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (November 2023)

2023-11-1400:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
68
windows 10
version 21h2
version 22h2
security update
november 2023
microsoft wdac
ole db provider
sql server
remote code execution
cve-2023-36402
windows pragmatic general multicast
pgm
remote code execution
cve-2023-36397
microsoft protected extensible authentication protocol
peap
remote code execution
cve-2023-36028
nessus
self-reported version number
scanner

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.57 Medium

EPSS

Percentile

97.7%

JSON

The remote Windows host is missing security update 5032189. It is, therefore, affected by multiple vulnerabilities

  • Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402)

  • Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability (CVE-2023-36397)

  • Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability (CVE-2023-36028)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.

#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
##

include('compat.inc');

if (description)
{
  script_id(185585);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/17");

  script_cve_id(
    "CVE-2023-24023",
    "CVE-2023-36017",
    "CVE-2023-36025",
    "CVE-2023-36028",
    "CVE-2023-36033",
    "CVE-2023-36036",
    "CVE-2023-36047",
    "CVE-2023-36393",
    "CVE-2023-36394",
    "CVE-2023-36397",
    "CVE-2023-36398",
    "CVE-2023-36400",
    "CVE-2023-36401",
    "CVE-2023-36402",
    "CVE-2023-36403",
    "CVE-2023-36404",
    "CVE-2023-36405",
    "CVE-2023-36408",
    "CVE-2023-36423",
    "CVE-2023-36424",
    "CVE-2023-36425",
    "CVE-2023-36427",
    "CVE-2023-36428",
    "CVE-2023-36705",
    "CVE-2023-36719",
    "CVE-2023-38039",
    "CVE-2023-38545",
    "CVE-2024-21315"
  );
  script_xref(name:"MSKB", value:"5032189");
  script_xref(name:"MSFT", value:"MS23-5032189");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/12/05");
  script_xref(name:"CEA-ID", value:"CEA-2023-0052");
  script_xref(name:"IAVA", value:"2023-A-0638-S");
  script_xref(name:"IAVA", value:"2023-A-0636-S");
  script_xref(name:"IAVA", value:"2024-A-0105");

  script_name(english:"KB5032189: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (November 2023)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Windows host is missing security update 5032189. It is, therefore, affected by multiple vulnerabilities

  - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402)

  - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability (CVE-2023-36397)

  - Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
    (CVE-2023-36028)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/help/5032189");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21315");
  script_set_attribute(attribute:"solution", value:
"Apply Security Update 5032189");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-38545");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/11/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows_10_21h2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows_10_22h2");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_check_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}

include('smb_func.inc');
include('smb_hotfixes.inc');
include('smb_hotfixes_fcheck.inc');
include('smb_reg_query.inc');

get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');

var bulletin = 'MS23-11';
var kbs = make_list(
  '5032189'
);

if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit('SMB/Registry/Enumerated');
get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);

if (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

var share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

var os_name = get_kb_item("SMB/ProductName");

if (  ( ("enterprise" >< tolower(os_name) || "education" >< tolower(os_name))
      &&
      smb_check_rollup(os:'10',
                    os_build:19044,
                    rollup_date:'11_2023',
                    bulletin:bulletin,
                    rollup_kb_list:[5032189])
    )
  ||
    smb_check_rollup(os:'10',
                    os_build:19045,
                    rollup_date:'11_2023',
                    bulletin:bulletin,
                    rollup_kb_list:[5032189])
)
{
  replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, hotfix_get_audit_report());
}
VendorProductVersionCPE
microsoftwindows_10_22h2cpe:/o:microsoft:windows_10_22h2
microsoftwindows_10_21h2cpe:/o:microsoft:windows_10_21h2

References

Related

openvas 6
nessus 13
mskb 16
kaspersky 4
talosblog 2
qualysblog 1
thn 7
ibm 3
rapid7blog 1
malwarebytes 1
cvelist 25
mscve 23
nvd 24
prion 22
cve 23
vulnrichment 11
krebs 1
cisa_kev 3
githubexploit 4
debiancve 1
hivepro 2
freebsd 1
cbl_mariner 1
attackerkb 2
hackerone 1
redhatcve 1
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5032189)
2023-11-16 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5032199)
2023-11-16 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5032196)
2023-11-15 00:00:00
nessus
nessus
KB5032199: Windows 10 LTS 1507 Security Update (November 2023)
2023-11-14 00:00:00
KB5032196: Windows 10 version 1809 / Windows Server 2019 Security Update (November 2023)
2023-11-14 00:00:00
KB5032192: Windows 11 version 21H2 Security Update (November 2023)
2023-11-14 00:00:00
mskb
mskb
November 14, 2023—KB5032196 (OS Build 17763.5122)
2024-02-20 08:00:00
November 14, 2023—KB5032189 (OS Builds 19044.3693 and 19045.3693)
2024-02-20 08:00:00
November 14, 2023—KB5032192 (OS Build 22000.2600)
2024-02-20 08:00:00
kaspersky
kaspersky
KLA61980 Multiple vulnerabilities in Microsoft Products (ESU)
2023-11-14 00:00:00
KLA61975 Multiple vulnerabilities in Microsoft Windows
2023-11-14 00:00:00
KLA61541 Multiple vulnerabilities in Microsoft Windows
2023-10-19 00:00:00
talosblog
talosblog
Microsoft discloses only three critical vulnerabilities in November’s Patch Tuesday update, three other zero-days
2023-11-14 19:46:02
We all just need to agree that ad blockers are good
2023-11-16 19:00:39
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
2023-11-14 20:29:03
thn
thn
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
2023-11-15 05:46:00
Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
2023-12-22 12:46:00
Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice
2024-03-27 07:56:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in libcURL affect IBM Rational ClearCase.
2024-03-13 14:31:39
Security Bulletin: Multiple publicly disclosed libcurl vulnerabilities affect IBM Safer Payments
2024-04-04 10:41:34
Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC
2023-12-20 19:15:09
rapid7blog
rapid7blog
Patch Tuesday - November 2023
2023-11-14 21:27:09
malwarebytes
malwarebytes
Update now! Microsoft patches 3 actively exploited zero-days
2023-11-15 22:04:31
cvelist
cvelist
CVE-2024-21315 Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
2024-02-13 18:02:27
CVE-2023-36405 Windows Kernel Elevation of Privilege Vulnerability
2023-11-14 17:57:19
CVE-2023-36394 Windows Search Service Elevation of Privilege Vulnerability
2023-11-14 17:57:26
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2023-11-14 08:00:00
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
2024-02-20 08:00:00
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
2023-11-14 08:00:00
nvd
nvd
CVE-2023-36047
2023-11-14 18:15:36
CVE-2023-36017
2023-11-14 18:15:31
CVE-2023-36404
2023-11-14 18:15:42
prion
prion
Remote code execution
2023-11-14 18:15:00
Privilege escalation
2024-02-13 18:15:00
Privilege escalation
2023-11-14 18:15:00
cve
cve
CVE-2023-36028
2023-11-14 18:15:32
CVE-2023-36427
2023-11-14 18:15:46
CVE-2023-36405
2023-11-14 18:15:42
vulnrichment
vulnrichment
CVE-2024-21315 Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
2024-02-13 18:02:27
CVE-2023-36047 Windows Authentication Elevation of Privilege Vulnerability
2023-11-14 17:57:28
CVE-2023-36398 Windows NTFS Information Disclosure Vulnerability
2023-11-14 17:57:24
krebs
krebs
Microsoft Patch Tuesday, November 2023 Edition
2023-11-14 23:00:59
cisa_kev
cisa_kev
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
2023-11-14 00:00:00
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
2023-11-14 00:00:00
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
2023-11-14 00:00:00
githubexploit
githubexploit
Exploit for CVE-2023-36427
2023-10-09 16:55:18
Exploit for Out-of-bounds Read in Microsoft
2024-03-21 21:39:24
Exploit for CVE-2023-36025
2023-12-28 23:29:04
debiancve
debiancve
CVE-2023-24023
2023-11-28 07:15:41
hivepro
hivepro
Attacks, Vulnerabilities and Actors 5 to 11 February 2024
2024-02-13 11:12:58
Mispadu Leverages CVE-2023-36025 Vulnerability in Latest Attack
2024-02-08 14:06:16
freebsd
freebsd
curl -- HTTP headers eat all memory
2023-09-13 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-38039 affecting package curl for versions less than 8.3.0-1
2023-10-11 01:41:59
attackerkb
attackerkb
CVE-2023-36036
2023-11-14 00:00:00
CVE-2023-36025
2023-11-14 00:00:00
hackerone
hackerone
curl: CVE-2023-38039: HTTP header allocation DOS
2023-07-17 12:43:20
redhatcve
redhatcve
CVE-2023-24023
2023-12-18 07:56:46

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.57 Medium

EPSS

Percentile

97.7%

JSON
Related for SMB_NT_MS23_NOV_5032189.NASL
openvas6nessus13mskb16kaspersky4talosblog2qualysblog1thn7ibm3rapid7blog1malwarebytes1cvelist25mscve23nvd24prion22cve23vulnrichment11krebs1cisa_kev3githubexploit4debiancve1hivepro2freebsd1cbl_mariner1attackerkb2hackerone1redhatcve1