Lucene search
Insu of 78ResearchLabZDI-23-378HistoryMar 31, 2023 - 12:00 a.m.
Microsoft Windows IKEEXT Service Vendor ID Null Pointer Dereference Denial-of-Service Vulnerability
2023-03-3100:00:00
insu of 78ResearchLab
www.zerodayinitiative.com
16
microsoft windows
ikeext service
vendor id
null pointer dereference
dos
vulnerability
remote attack
udp ports 500
4500
authentication not required
0.008 Low
EPSS
Percentile
81.3%
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted Vendor ID payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
cvelist
cvelist
cve
cve
CVE-2023-21758
2023-01-10 22:15:18
mscve
mscve
nvd
nvd
CVE-2023-21758
2023-01-10 22:15:18
prion
prion
Denial of service
2023-01-10 22:15:00
mskb
mskb
January 10, 2023âKB5022289 (OS Build 14393.5648)
2023-04-11 07:00:00
January 10, 2023âKB5022297 (OS Build 10240.19685)
2023-04-11 07:00:00
January 10, 2023âKB5022291 (OS Build 20348.1487)
2023-04-11 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5022297)
2023-01-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5022289)
2023-01-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5022286)
2023-01-11 00:00:00
nessus
nessus
kaspersky
kaspersky
KLA20154 Multiple vulnerabilities in Microsoft Windows
2023-01-10 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2023
2023-01-10 22:32:55