March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2023-21721 – Microsoft OneNote Vulnerability
February 20, 2023Rewterz Threat Advisory – Multiple Microsoft Azure Vulnerabilities
February 20, 2023Rewterz Threat Advisory – CVE-2023-21721 – Microsoft OneNote Vulnerability
February 20, 2023Rewterz Threat Advisory – Multiple Microsoft Azure Vulnerabilities
February 20, 2023
Severity
Medium
Analysis Summary
CVE-2023-21722 CVSS:4.4
Microsoft .NET Framework is vulnerable to a denial of service. By persuading a victim to open a specially-crafted file, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-21808 CVSS:8.4
Microsoft .NET and Visual Studio could allow a local attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Denial of Service
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-21722
- CVE-2023-21808
Affected Vendors
Microsoft
Affected Products
- Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems SP1
- Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems (Server Core installation) SP1
- Microsoft .NET Framework 4.8 on Windows Server 2012
- Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.