Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA49154
HistoryMay 09, 2023 - 12:00 a.m.

KLA49154 Multiple vulnerabilities in Microsoft Windows

2023-05-0900:00:00
Kaspersky Lab
threats.kaspersky.com
37
microsoft windows
arbitrary code execution
security bypass
privilege escalation
sensitive information
denial of service
public exploits
windows server
windows 10
windows 11
av1 video extension
microsoft remote desktop
software updates

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.5 Medium

EPSS

Percentile

97.0%

JSON

Detect date:

05/09/2023

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information, cause denial of service.

Exploitation:

Public exploits exist for this vulnerability.

Affected products:

Windows Server 2012 (Server Core installation)
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
AV1 Video Extension
Windows Server 2016 (Server Core installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 for 32-bit Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 1607 for 32-bit Systems
Microsoft Remote Desktop
Windows 10 Version 22H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows Server 2019
Windows Server 2012 R2
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2012
Windows Server 2019 (Server Core installation)
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows Server 2016
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows Server 2012 R2 (Server Core installation)

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2023-24947
CVE-2023-29324
CVE-2023-24946
CVE-2023-24900
CVE-2023-24939
CVE-2023-29341
CVE-2023-29325
CVE-2023-24932
CVE-2023-24948
CVE-2023-24902
CVE-2023-24899
CVE-2023-24943
CVE-2023-28290
CVE-2023-24941
CVE-2023-24905
CVE-2023-24945
CVE-2023-24942
CVE-2023-28251
CVE-2023-28283
CVE-2023-24940
CVE-2023-24903
CVE-2023-29340
CVE-2023-24949
CVE-2023-24901
CVE-2023-29336
CVE-2023-24944
CVE-2023-24898

Impacts:

ACE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2023-249478.8Critical
CVE-2023-293246.5High
CVE-2023-249467.8Critical
CVE-2023-249005.9High
CVE-2023-249397.5Critical
CVE-2023-293417.8Critical
CVE-2023-293257.5Critical
CVE-2023-249326.7High
CVE-2023-249487.4High
CVE-2023-249027.8Critical
CVE-2023-248997.0High
CVE-2023-249439.8Critical
CVE-2023-282905.3High
CVE-2023-249419.8Critical
CVE-2023-249057.8Critical
CVE-2023-249455.5High
CVE-2023-249427.5Critical
CVE-2023-282515.5High
CVE-2023-282838.1Critical
CVE-2023-249407.5Critical
CVE-2023-249038.1Critical
CVE-2023-293407.8Critical
CVE-2023-249497.8Critical
CVE-2023-249017.5Critical
CVE-2023-293367.8Critical
CVE-2023-249446.5High
CVE-2023-248987.5Critical

KB list:

5026363
5026382
5026456
5026372
5026409
5026366
5026419
5026362
5026411
5026370
5026368
5026361
5026415
5028223
5028182
5028185
5028186
5028166
5028171
5028228
5028168
5028169
5028232
5028233

Microsoft official advisories:

References

Related

nessus 13
openvas 3
mskb 17
kaspersky 1
malwarebytes 1
qualysblog 1
krebs 1
talosblog 2
rapid7blog 1
avleonov 1
thn 6
prion 27
mscve 53
cvelist 27
cve 27
githubexploit 2
zdi 2
cnvd 1
attackerkb 2
cisa_kev 1
veeam 1
msrc 5
schneier 1
securelist 2
trellix 1
nessus
nessus
KB5026361: Windows 10 Version 20H2 / Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026370: Windows 2022 / Azure Stack HCI 22H2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026362: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2023)
2023-05-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5026361)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5026368)
2023-07-19 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5026382)
2023-05-10 00:00:00
mskb
mskb
May 9, 2023—KB5026372 (OS Build 22621.1702)
2023-05-09 07:00:00
May 9, 2023—KB5026382 (OS Build 10240.19926)
2023-05-09 07:00:00
May 9, 2023—KB5026411 (Security-only update)
2023-05-09 07:00:00
kaspersky
kaspersky
KLA49156 Multiple vulnerabilities in Microsoft Products (ESU)
2023-05-09 00:00:00
malwarebytes
malwarebytes
Update now! May 2023 Patch Tuesday tackles three zero-days
2023-05-10 05:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
krebs
krebs
Microsoft Patch Tuesday, May 2023 Edition
2023-05-10 01:19:58
talosblog
talosblog
Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years
2023-05-09 17:47:29
Threat Source newsletter (May 11, 2023) — So much for that ransomware decline
2023-05-11 18:00:38
rapid7blog
rapid7blog
Patch Tuesday - May 2023
2023-05-09 20:02:02
avleonov
avleonov
Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE
2023-05-27 22:39:14
thn
thn
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including 2 Exploited Zero-Day Bugs
2023-05-10 05:34:00
Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation
2023-06-08 14:59:00
A Few More Reasons Why RDP is Insecure (Surprise!)
2023-07-20 10:48:00
prion
prion
Information disclosure
2023-05-09 18:15:00
Remote code execution
2023-05-09 18:15:00
Privilege escalation
2023-05-09 18:15:00
mscve
mscve
AV1 Video Extension Remote Code Execution Vulnerability
2023-05-09 07:00:00
Windows SMB Denial of Service Vulnerability
2023-05-09 07:00:00
Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability
2023-05-09 07:00:00
cvelist
cvelist
CVE-2023-29341 AV1 Video Extension Remote Code Execution Vulnerability
2023-05-09 17:03:05
CVE-2023-29340 AV1 Video Extension Remote Code Execution Vulnerability
2023-05-09 17:03:04
CVE-2023-28290 Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability
2023-05-09 17:03:08
cve
cve
CVE-2023-29341
2023-05-09 18:15:14
CVE-2023-24944
2023-05-09 18:15:12
CVE-2023-29340
2023-05-09 18:15:13
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2023-07-27 17:28:41
Exploit for Vulnerability in Microsoft
2023-06-09 15:36:45
zdi
zdi
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability
2024-05-09 00:00:00
Microsoft Windows PE Parsing Integer Overflow Denial-of-Service Vulnerability
2023-05-10 00:00:00
cnvd
cnvd
Microsoft Windows Backup Engine Elevation of Privilege Vulnerability
2023-05-12 00:00:00
attackerkb
attackerkb
CVE-2023-29336
2023-05-09 00:00:00
CVE-2023-24932
2023-05-09 00:00:00
cisa_kev
cisa_kev
Microsoft Win32K Privilege Escalation Vulnerability
2023-05-09 00:00:00
veeam
veeam
Support Statement regarding Microsoft CVE-2023-24932
2023-05-24 00:00:00
msrc
msrc
CVE-2023-24932 に関連するセキュア ブート マネージャーの変更に関するガイダンス
2023-05-09 07:00:00
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
2023-03-14 13:00:00
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
2023-03-14 13:00:00
schneier
schneier
Microsoft Secure Boot Bug
2023-05-17 11:01:08
securelist
securelist
Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability
2023-07-19 12:00:41
IT threat evolution Q3 2023
2023-12-01 10:00:09
trellix
trellix
The Bug Report - May 2023 Edition
2023-06-07 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.5 Medium

EPSS

Percentile

97.0%

JSON
Related for KLA49154
nessus13openvas3mskb17kaspersky1malwarebytes1qualysblog1krebs1talosblog2rapid7blog1avleonov1thn6prion27mscve53cvelist27cve27githubexploit2zdi2cnvd1attackerkb2cisa_kev1veeam1msrc5schneier1securelist2trellix1