CVE-2023-36589

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Oct 10, 2023

Updated: May 29, 2024

Summary

CVE-2023-36589 is a remote code execution vulnerability affecting Microsoft Message Queuing (MSMQ). An attacker can exploit this vulnerability by sending a specially crafted message to an MSMQ queue, resulting in arbitrary code execution on the target system. Successful exploitation allows the attacker to gain the same user rights as the MSMQ service account, potentially leading to significant security compromises. Microsoft has released a patch to address this issue, and it is recommended that affected systems be updated as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rwcLx0
https://www.cve.org/CVERecord?id=CVE-2023-36589
https://nvd.nist.gov/vuln/detail/CVE-2023-36589

Back to Vulnerability Database

CVE-2023-36589

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations