CVE-2023-35638

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 12, 2023
Updated: May 29, 2024
CWE ID 126

Summary

CVE-2023-35638 is a newly discovered Denial of Service (DoS) vulnerability affecting DHCP (Dynamic Host Configuration Protocol) Server services. This issue allows an unauthenticated attacker to send specially crafted packets to the targeted DHCP server, causing it to crash and become unresponsive. The DHCP server is a critical component of the network infrastructure, responsible for assigning IP addresses to devices. An attacker exploiting this vulnerability could cause widespread network disruption and connectivity issues. It is recommended that affected organizations apply the available patches as soon as possible to mitigate the risk of a potential attack.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2016
  • Windows Server 2022
  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2012 R2

Affected Vendors

  • Microsoft