CVE-2023-32084

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 11, 2023

Updated: May 29, 2024

CWE ID 476

Summary

CVE-2023-32084 refers to a Denial of Service (DoS) vulnerability affecting HTTP.sys, a component in Microsoft Windows that handles HTTP and HTTPS communications. An attacker can exploit this vulnerability by sending maliciously crafted HTTP packets to a targeted system, causing HTTP.sys to crash and resulting in a Denial of Service condition. The vulnerability can be exploited remotely, making it a significant security risk for organizations and individuals using Microsoft Windows. Microsoft has released a security update to address this issue, and it is recommended that affected systems be promptly patched to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database