CVE-2023-24867
Published: 14 March 2023
Summary
CVE-2023-24867 is a high-severity heap-based buffer overflow (CWE-122) in the Microsoft PostScript and PCL6 Class Printer Driver, recorded here against Microsoft Windows Server 2012. Its CVSS 3.1 base score is 8.8 (High).
Operationally, its EPSS score places it in the top 5.7% of CVEs by predicted exploit likelihood; it is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
Deeper analysis
The Microsoft PostScript and PCL6 Class Printer Driver contains a remote code execution vulnerability tracked as CVE-2023-24867. The flaw is rated 8.8 under CVSS 3.1: attack vector network, attack complexity low, privileges required low, no user interaction, with high impact to confidentiality, integrity, and availability. It is classified as CWE-122 (heap-based buffer overflow) and affects the PostScript and PCL6 Class Printer Driver components on the Windows builds recorded for this entry.
An attacker with low privileges (PR:L, for example an authenticated user) and network reachability to the affected driver can exploit the issue to execute arbitrary code without any user interaction, potentially leading to full compromise of the target host.
Microsoft has published guidance for the vulnerability in its Security Update Guide entry for CVE-2023-24867, which includes details of the available patches and mitigation steps for the affected printer drivers. The EPSS score is 0.1322 (roughly a 13% estimated probability of exploitation activity within 30 days) and has remained flat, with no material increase observed since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-28857
Vulnerability details
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
- CWE(s): CWE-122 Heap-based Buffer Overflow
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
- Microsoft Windows Server 2012 (the build recorded in the summary above)
Mitigating Controls
No mitigating controls have been mapped to this CVE yet. Until then, apply the Microsoft security update described in the MSRC guidance above.