
Rewterz Threat Advisory – Multiple Microsoft Zero-Day Vulnerabilities Exploited In The Wild

Severity

High

Analysis Summary

CVE-2023-32049 CVSS:8.8

Microsoft Windows could allow a remote attacker to bypass security restrictions, caused by a flaw in the SmartScreen component. By persuading a victim to click on a specially crafted URL, an attacker could exploit this vulnerability to bypass the Open File – Security Warning prompt.

CVE-2023-35311 CVSS:8.8

Microsoft Outlook could allow a remote attacker to bypass security restrictions. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to bypass the Microsoft Outlook Security Notice prompt.

CVE-2023-36884 CVSS:8.3

Microsoft Windows and Microsoft Office could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-36874 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Error Reporting Service component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2023-32046 CVSS:7.8

Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the MSHTML Platform component. By persuading a victim to open specially crafted content, an authenticated attacker could exploit this vulnerability to obtain elevated privileges on the system.

Impact

  • Code Execution
  • Privilege Escalation
  • Security Bypass

Indicators Of Compromise

CVE

  • CVE-2023-32049
  • CVE-2023-35311
  • CVE-2023-36884
  • CVE-2023-36874
  • CVE-2023-32046

Affected Vendors

Microsoft

Affected Products

  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Microsoft Windows 10 1809 for x64-based Systems
  • Microsoft Windows 10 1809 for 32-bit Systems
  • Microsoft Windows 10 1809 for ARM64-based Systems
  • Microsoft Windows 10 1607 for 32-bit Systems
  • Microsoft Windows 10 1607 for x64-based Systems
  • Microsoft Windows Server (Server Core installation) 2019
  • Microsoft Windows Server (Server Core installation) 2016
  • Microsoft Windows Server 2022
  • Microsoft Windows Server (Server Core installation) 2022
  • Microsoft Windows 10 21H2 for 32-bit Systems
  • Microsoft Windows 10 21H2 for ARM64-based Systems
  • Microsoft Windows 10 21H2 for x64-based Systems
  • Microsoft Windows 11 22H2 for ARM64-based Systems
  • Microsoft Windows 11 22H2 for x64-based Systems
  • Microsoft Windows 10 22H2 for 32-bit Systems
  • Microsoft Windows 10 22H2 for ARM64-based Systems
  • Microsoft Windows 10 22H2 for x64-based Systems
  • Microsoft Windows 11 21H2 for ARM64-based Systems
  • Microsoft Windows 11 21H2 for x64-based Systems
  • Microsoft Outlook 2016 x32
  • Microsoft Outlook 2016 x64

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
