Rewterz Threat Advisory – Multiple Intel QuickAssist Technology (QAT) drivers Vulnerabilities
February 15, 2023Rewterz Threat Advisory – CVE-2022-36369 – Intel QATzip Vulnerability
February 15, 2023Rewterz Threat Advisory – Multiple Intel QuickAssist Technology (QAT) drivers Vulnerabilities
February 15, 2023Rewterz Threat Advisory – CVE-2022-36369 – Intel QATzip Vulnerability
February 15, 2023Severity
High
Analysis Summary
CVE-2023-21529 CVSS:8.8
Microsoft Exchange Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of the server’s account.
CVE-2023-21706 CVSS:8.8
Microsoft Exchange Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of the server’s account.
CVE-2023-21707 CVSS:8.8
Microsoft Exchange Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-21710 CVSS:8.8
Microsoft Exchange Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-21529
- CVE-2023-21706
- CVE-2023-21707
- CVE-2023-21710
Affected Vendors
Microsoft
Affected Products
- Microsoft Exchange Server 2016 CU22
- Microsoft Exchange Server 2019 CU11
- Microsoft Exchange Server 2016 CU23
- Microsoft Exchange Server 2019 CU12
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.