CVE-2023-36910

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: May 29, 2024

CWE ID 190

Summary

CVE-2023-36910 is a newly disclosed vulnerability affecting Microsoft Message Queuing (MSMQ) that permits remote code execution. An attacker can exploit this issue by sending a specially crafted message to an MSMQ queue, which could result in the execution of arbitrary code on the target system. Successful exploitation may lead to significant security risks, including data theft, system compromise, or further spreading of malware. Microsoft has released a security update to address this vulnerability and strongly encourages users to install the patch as soon as possible to mitigate potential threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzrSMV
https://www.cve.org/CVERecord?id=CVE-2023-36910
https://nvd.nist.gov/vuln/detail/CVE-2023-36910

Back to Vulnerability Database

CVE-2023-36910

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations