CVE-2023-35349

CVSS 3.1 Score 9.8 of 10 (high)

Attack Complexity low
Confidentiality high
Integrity high
Availability high
Scope unchanged
Privileges Required none

Details

Published Oct 10, 2023
Updated: May 29, 2024
CWE ID 20

Summary

CVE-2023-35349 refers to a remote code execution vulnerability affecting Microsoft Message Queuing (MSMQ). An attacker can exploit this issue by sending specially crafted MSMQ messages to a target system, potentially gaining unauthorized access and executing arbitrary code. This vulnerability poses a significant risk, as MSMQ is widely used in enterprise environments, and successful exploitation could lead to serious consequences, including data theft, system compromise, and denial-of-service attacks. Organizations are strongly advised to apply the available patches or workarounds as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share