CVE-2023-35367

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 11, 2023

Updated: May 29, 2024

CWE ID 20

Summary

CVE-2023-35367 is a remote code execution vulnerability affecting Microsoft's Windows Routing and Remote Access Service (RRAS). Malicious actors can exploit this weakness by sending specially crafted RRAS packets to target systems, leading to arbitrary code execution with elevated privileges. Successful exploitation could result in significant compromise, including data theft or system takeover. Users are advised to update their RRAS installations with the latest Microsoft patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzlExH
https://www.cve.org/CVERecord?id=CVE-2023-35367
https://nvd.nist.gov/vuln/detail/CVE-2023-35367

Back to Vulnerability Database

CVE-2023-35367

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations