Rewterz Threat Advisory – CVE-2023-23389 – Microsoft Defender Vulnerability
March 16, 2023Rewterz Threat Alert – AsyncRAT – Active IOCs
March 16, 2023Rewterz Threat Advisory – CVE-2023-23389 – Microsoft Defender Vulnerability
March 16, 2023Rewterz Threat Alert – AsyncRAT – Active IOCs
March 16, 2023Severity
Medium
Analysis Summary
CVE-2023-24890 CVSS:6.5
Microsoft OneDrive for iOS could allow a remote authenticated attacker to bypass security restrictions. An attacker could exploit this vulnerability to access files in locked vaults.
CVE-2023-24930 CVSS:7.8
Microsoft OneDrive for MacOS could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2023-24882 CVSS:5.5
Microsoft OneDrive for Android could allow a remote attacker to obtain sensitive information. By persuading a victim to run a specially crafted application, an attacker could exploit this vulnerability to obtain Android/local URIs which OneDrive has access to and then use this information to launch further attacks against the affected system.
CVE-2023-24923 CVSS:5.5
Microsoft OneDrive for Android could allow a remote attacker to obtain sensitive information. By persuading a victim to run a specially crafted application, an attacker could exploit this vulnerability to obtain Android/local URIs which OneDrive has access to and then use this information to launch further attacks against the affected system.
Impact
- Privilege Escalation
- Security Bypass
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-24890
- CVE-2023-24930
- CVE-2023-24882
- CVE-2023-24923
Affected Vendors
Microsoft
Affected Products
- Microsoft OneDrive for iOS
- Microsoft OneDrive for Android
- Microsoft OneDrive for MacOS Installer
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.