CVE-2023-23405
Published: 14 March 2023
Summary
CVE-2023-23405 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 8.1 (High).
Operationally, it ranks in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-23405 is a remote code execution vulnerability in the Remote Procedure Call Runtime component. It carries a CVSS 3.1 base score of 8.1 with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H and is associated with CWE-190. The flaw was published on 14 March 2023 and affects Microsoft Windows systems that expose RPC functionality.
An unauthenticated remote attacker can trigger the issue over the network without user interaction, although successful exploitation requires high attack complexity. If successful, the attacker can execute arbitrary code with the privileges of the RPC service, resulting in full compromise of confidentiality, integrity, and availability on the target system.
Microsoft’s Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23405 provides official guidance and links to security updates that address the vulnerability. The current and peak EPSS scores both stand at 0.0507, indicating limited observed exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-27505
Vulnerability details
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CWE(s): CWE-190 (Integer Overflow or Wraparound)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.