CVE-2023-36574

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Oct 10, 2023

Updated: May 29, 2024

Summary

CVE-2023-36574 is a newly disclosed vulnerability affecting Microsoft Message Queuing (MSMQ). Hackers can exploit this Remote Code Execution (RCE) weakness to gain unauthorized access to affected systems. The issue arises due to insufficient validation of data received through MSMQ. An attacker can craft a malicious message to trigger the RCE, potentially leading to a serious compromise of the targeted system. Microsoft has released a patch to mitigate this threat, and it is strongly recommended that users install the update as soon as possible to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rwca1r
https://www.cve.org/CVERecord?id=CVE-2023-36574
https://nvd.nist.gov/vuln/detail/CVE-2023-36574

Back to Vulnerability Database

CVE-2023-36574

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations