Severity
High
Analysis Summary
CVE-2023-36418 CVSS: 7.8
Microsoft Azure could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the RTOS GUIX Studio component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36415 CVSS: 8.8
Microsoft Azure DevOps Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36419 CVSS: 8.8
Microsoft Azure HDInsight could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apache Oozie Workflow Scheduler component. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-36414 CVSS: 8.8
Microsoft Azure Identity SDK could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36561 CVSS: 7.3
Microsoft Azure DevOps Server could allow a remote attacker to gain elevated privileges on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-36737 CVSS: 7.8
Microsoft Azure Network Watcher VM Extension could allow a local authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Code Execution
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-36418
- CVE-2023-36415
- CVE-2023-36419
- CVE-2023-36414
- CVE-2023-36561
- CVE-2023-36737
Affected Vendors
Microsoft
Affected Products
- Microsoft Azure HDInsight
- Microsoft Azure DevOps Server 2022.0.1
- Microsoft Azure Network Watcher VM Extension
- Microsoft Azure DevOps Server 2020.1.2
- Microsoft Azure DevOps Server 2020.0.2
- Microsoft Azure Identity SDK
- Microsoft Azure RTOS GUIX Studio Installer Application
- Microsoft Azure RTOS GUIX Studio
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.