CVE-2023-24869
Published: 14 March 2023
Summary
CVE-2023-24869 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 8.1 (High).
Operationally, it is ranked in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-24869 is a remote code execution flaw in the Remote Procedure Call Runtime component. It is tracked under CWE-190 and carries a CVSS 3.1 base score of 8.1, reflecting a network attack vector, high attack complexity, no required privileges or user interaction, and high impact on confidentiality, integrity, and availability.
An unauthenticated attacker can target the affected RPC runtime over the network to achieve remote code execution. The high attack complexity limits how reliably the flaw can be exploited, but a successful exploit grants the attacker control equivalent to the privileges of the RPC service.
Microsoft has published an advisory for CVE-2023-24869 that directs administrators to apply the security updates released in the corresponding Patch Tuesday cycle.
EPSS for the CVE has remained flat at 0.0507 with no material rise after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-28859
Vulnerability details
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CWE(s): CWE-190 (Integer Overflow or Wraparound)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.