Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently.

githubexploit 7

vulnrichment 2

hivepro 1

zdt 1

prion 2

metasploit 2

ics 1

cvelist 2

nvd 2

nessus 12

cve 2

mscve 2

attackerkb 1

cisa_kev 1

packetstorm 1

securelist 10

malwarebytes 1

thn 2

qualysblog 4

rapid7blog 4

talosblog 2

avleonov 2

krebs 1

trellix 2

mskb 15

openvas 8

kaspersky 2

githubexploit

Exploit for Improper Input Validation in Microsoft

2023-05-18 10:30:49

Exploit for Heap-based Buffer Overflow in Microsoft

2024-01-01 15:30:33

Exploit for Improper Input Validation in Microsoft

2023-08-17 17:16:46

vulnrichment

CVE-2023-21554 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

2023-04-11 19:13:25

CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability

2023-04-11 19:13:51

hivepro

Cybercrime group exploits zero-day on Windows servers to deploy Nokoyawa ransomware

2023-04-12 11:17:33

zdt

Windows Common Log File System Driver (clfs.sys) Privilege Escalation Exploit

2023-09-14 00:00:00

prion

Privilege escalation

2023-04-11 21:15:00

Remote code execution

2023-04-11 21:15:00

metasploit

Windows Common Log File System Driver (clfs.sys) Elevation of Privilege Vulnerability

2023-07-28 07:43:37

CVE-2023-21554 - QueueJumper - MSMQ RCE Check

2023-08-10 22:34:30

ics

Mitsubishi Electric Electrical Discharge Machines (Update A)

2024-04-23 12:00:00

cvelist

CVE-2023-21554 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

2023-04-11 19:13:25

CVE-2023-28252 Windows Common Log File System Driver Elevation of Privilege Vulnerability

2023-04-11 19:13:51

nvd

CVE-2023-21554

2023-04-11 21:15:15

CVE-2023-28252

2023-04-11 21:15:25

nessus

Microsoft Message Queuing RCE (CVE-2023-21554, QueueJumper)

2023-05-10 00:00:00

KB5025273: Windows Server 2008 Security Update (April 2023)

2023-04-11 00:00:00

KB5025277: Windows Server 2008 R2 Security Update (April 2023)

2023-04-11 00:00:00

cve

CVE-2023-28252

2023-04-11 21:15:25

CVE-2023-21554

2023-04-11 21:15:15

mscve

Windows Common Log File System Driver Elevation of Privilege Vulnerability

2023-04-11 07:00:00

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

2023-04-11 07:00:00

attackerkb

CVE-2023-28252

2023-04-11 00:00:00

cisa_kev

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

2023-04-11 00:00:00

packetstorm

Windows Common Log File System Driver (clfs.sys) Privilege Escalation

2023-09-14 00:00:00

securelist

IT threat evolution in Q2 2023

2023-08-30 10:00:05

Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

2023-12-21 10:00:01

Nokoyawa ransomware attacks with Windows zero-day

2023-04-11 17:36:20

malwarebytes

Update now! April’s Patch Tuesday includes a fix for one zero-day

2023-04-12 10:00:00

thn

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

2023-04-12 06:38:00

Carbanak Banking Malware Resurfaces with New Ransomware Tactics

2023-12-26 07:26:00

qualysblog

Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk

2024-03-25 15:44:18

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

2023-09-26 13:04:00

Microsoft and Adobe Patch Tuesday April 2023 Security Update Review

2023-04-12 00:16:25

rapid7blog

Metasploit Weekly Wrap-Up

2023-09-08 18:03:17

Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023

2023-12-29 19:38:15

Metasploit Weekly Wrap-Up

2023-09-15 18:54:45

talosblog

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

2023-04-11 19:28:27

Threat Source newsletter (April 13, 2023) — Dark web forum whac-a-mole

2023-04-13 18:00:40

avleonov

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor

2023-04-23 23:11:58

Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP

2023-04-27 22:03:04

krebs

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

2023-04-12 00:06:51

trellix

The Bug Report – April 2023 Edition

2023-05-03 00:00:00

The Bug Report – April 2023 Edition

2023-05-03 00:00:00

mskb

April 11, 2023—KB5025271 (Monthly Rollup)

2023-04-11 07:00:00

April 11, 2023—KB5025273 (Security-only update)

2023-04-11 07:00:00

April 11, 2023—KB5025277 (Security-only update)

2023-04-11 07:00:00

openvas

Microsoft Windows Multiple Vulnerabilities (KB5025279)

2023-04-12 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5025221)

2023-04-12 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5025234)

2023-04-12 00:00:00

kaspersky

KLA48842 Multiple vulnerabilities in Microsoft Products (ESU)

2023-04-11 00:00:00

KLA48845 Multiple vulnerabilities in Microsoft Windows

2023-04-11 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.956 High

EPSS

Percentile

99.4%

JSON

Related for WIZBLOG:98476FAFC06DF60C01E5DDB2E4BE1287