CVE-2023-28247
Published: 11 April 2023
Summary
CVE-2023-28247 is a high-severity Integer Underflow (Wrap or Wraparound) (CWE-191) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.5 (High).
Operationally, it ranks in the top 5.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-28247 is an information disclosure vulnerability affecting the Windows Network File System component. It carries a CVSS 3.1 base score of 7.5 with a network attack vector, low attack complexity, and no requirements for authentication or user interaction, resulting in high impact to confidentiality while leaving integrity and availability unaffected. The underlying weakness is tracked under CWE-191.
An unauthenticated remote attacker can send specially crafted requests to an affected Windows system running NFS services and obtain sensitive information that would otherwise be inaccessible. Because the flaw requires no privileges or user assistance, exploitation can be performed from anywhere on the network that can reach the NFS endpoint.
Microsoft's Security Response Center advisory at the referenced URL details available security updates and configuration guidance for mitigating the issue. The EPSS score has remained flat at 0.1332 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-31955
Vulnerability details
Windows Network File System Information Disclosure Vulnerability
- CWE(s): CWE-191
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.