PT-2023-2463 · Microsoft · Windows Enroll Engine+1

Aapo Oksman

Publicado

2023-04-11

Atualizado

2024-05-29

CVE-2023-28226

CVSS v2.0

5.4

Média

Vetor

AV:N/AC:H/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows Enroll Engine (affected versions not specified)

Description The issue is related to errors in security settings of the Windows Enroll Engine component in Windows operating systems. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Improper Verification of Cryptographic Signature

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-254CWE-200CWE-347

Identificadores relacionados

BDU:2023-02253

CVE-2023-28226

Produtos afetados

Windows

Windows Enroll Engine

PT-2023-2463 · Microsoft · Windows Enroll Engine+1

CVE-2023-28226

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10