CVE-2023-32571

Severity: Critical · Public PoC available

Published: 22 June 2023
Modified: 21 November 2024
KEV added: not listed
CVSS v3.1 score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.7691 (99.0th percentile)
Risk priority: 66 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-32571 is a critical-severity Incorrect Comparison (CWE-697) vulnerability in Dynamic LINQ (vendor dynamic-linq, product linq). Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 1.0% of CVEs by EPSS exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

Deeper analysis

CVE-2023-32571 is a remote code execution vulnerability affecting Dynamic LINQ (System.Linq.Dynamic.Core) versions 1.0.7.10 through 1.2.25, i.e. releases prior to 1.3.0. The flaw arises when untrusted input is supplied to methods such as Where, Select, and OrderBy: the input is parsed as expression text without sufficient validation, which enables arbitrary code and command execution. The issue carries a CVSS 3.1 base score of 9.8.

An attacker with network access can supply crafted expressions to these methods in any application that passes dynamic LINQ query strings from external sources. Successful exploitation yields full confidentiality, integrity, and availability impact without requiring authentication or user interaction.

The project repository and NCC Group advisory both point to upgrading to version 1.3.0 or later as the primary remediation, which addresses the unsafe parsing behavior.
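To make the affected pattern concrete, here is an added illustration (not code from this record or from the Dynamic LINQ project) showing the unsafe usage the advisory describes beside a parameterized form that keeps caller input out of the parsed expression text. The `Customer` type, the field names and the sort-field allow-list are assumptions for the example.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Linq.Dynamic.Core;

// Hypothetical entity used only for this example.
public sealed class Customer
{
    public string Name { get; set; } = "";
    public string City { get; set; } = "";
}

public static class CustomerQueries
{
    // UNSAFE: the caller's string is spliced into the expression text that
    // Dynamic LINQ parses, so the caller controls query structure, not just a
    // value. On affected versions this is the pattern the advisory warns about.
    public static IQueryable<Customer> ByCityUnsafe(IQueryable<Customer> source, string city)
    {
        return source.Where($"City == \"{city}\"");
    }

    // SAFER: the predicate text is a fixed literal; the user value is bound to
    // the @0 placeholder and treated as a constant, never parsed as an expression.
    public static IQueryable<Customer> ByCity(IQueryable<Customer> source, string city)
    {
        return source.Where("City == @0", city);
    }

    // OrderBy takes a member name as expression text; accept only names from an
    // allow-list (assumed set) instead of forwarding the caller's string to the parser.
    private static readonly HashSet<string> AllowedSortFields =
        new HashSet<string>(StringComparer.Ordinal) { "Name", "City" };

    public static IQueryable<Customer> SortedBy(IQueryable<Customer> source, string field)
    {
        if (!AllowedSortFields.Contains(field))
            throw new ArgumentException($"Sort field not permitted: {field}", nameof(field));
        return source.OrderBy(field);
    }
}
```

Parameterization and allow-listing limit what reaches the expression parser, but they complement rather than replace the upgrade to 1.3.0 or later that the record names as the primary remediation.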

The associated EPSS score has reached a peak of 0.8049 with a current value of 0.7691, indicating sustained exploitation interest following disclosure.

Vulnerability details

Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

dynamic-linq / linq: versions 1.0.7.10 through 1.2.25

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.