CVE-2023-45284

Summary

CVE-2023-45284 is a vulnerability affecting Windows systems. The issue lies with the IsLocal function, which fails to identify some reserved device names as non-local. Specifically, names containing spaces after reserved names like "COM1 " and names "COM" or "LPT" followed by a superscript character (1, 2, or 3) are incorrectly considered local. This vulnerability could potentially be exploited to gain unauthorized access or perform unintended actions. With the release of a fix, the IsLocal function now accurately reports these names as non-local, mitigating the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.