Rewterz Threat Advisory – Multiple Fortinet Products Vulnerabilities
July 12, 2023
Rewterz Threat Alert – Lumma Stealer Malware aka LummaC – Active IOCs
July 12, 2023
Severity
High
Analysis Summary
CVE-2023-32049 CVSS:8.8
Microsoft Windows could allow a remote attacker to bypass security restrictions, caused by a flaw in the SmartScreen component. By persuading a victim to click on a specially crafted URL, an attacker could exploit this vulnerability to bypass the Open File – Security Warning prompt.
CVE-2023-35311 CVSS:8.8
Microsoft Outlook could allow a remote attacker to bypass security restrictions. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to bypass the Microsoft Outlook Security Notice prompt.
CVE-2023-36884 CVSS:8.3
Microsoft Windows and Microsoft Office could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36874 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Error Reporting Service component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2023-32046 CVSS:7.8
Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the MSHTML Platform component. By persuading a victim to open specially crafted content, an authenticated attacker could exploit this vulnerability to obtain elevated privileges on the system.
Impact
- Code Execution
- Privilege Escalation
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-32049
- CVE-2023-35311
- CVE-2023-36884
- CVE-2023-36874
- CVE-2023-32046
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft Windows 10 1809 for x64-based Systems
- Microsoft Windows 10 1809 for 32-bit Systems
- Microsoft Windows 10 1809 for ARM64-based Systems
- Microsoft Windows 10 1607 for 32-bit Systems
- Microsoft Windows 10 1607 for x64-based Systems
- Microsoft Windows Server (Server Core installation) 2019
- Microsoft Windows Server (Server Core installation) 2016
- Microsoft Windows Server 2022
- Microsoft Windows Server (Server Core installation) 2022
- Microsoft Windows 10 21H2 for 32-bit Systems
- Microsoft Windows 10 21H2 for ARM64-based Systems
- Microsoft Windows 10 21H2 for x64-based Systems
- Microsoft Windows 11 22H2 for ARM64-based Systems
- Microsoft Windows 11 22H2 for x64-based Systems
- Microsoft Windows 10 22H2 for 32-bit Systems
- Microsoft Windows 10 22H2 for ARM64-based Systems
- Microsoft Windows 10 22H2 for x64-based Systems
- Microsoft Windows 11 21H2 for ARM64-based Systems
- Microsoft Windows 11 21H2 for x64-based Systems
- Microsoft Outlook 2016 x32
- Microsoft Outlook 2016 x64
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.