CVE-2023-36603

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 10, 2023

Updated: May 29, 2024

CWE ID 476

Summary

CVE-2023-36603 is a newly disclosed Denial of Service (DoS) vulnerability affecting Windows TCP/IP. Hackers can exploit this weakness by sending maliciously crafted packets to target systems, causing them to become unresponsive and cease normal operations. This can result in a significant disruption of network services and potential downtime for affected organizations. The vulnerability lies in the way Windows TCP/IP handles certain packet processing, and no authenticated user interaction or specific privileges are required to trigger it. Microsoft has released a patch to address this issue, and it is strongly recommended that all Windows systems be updated as soon as possible to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database