PT-2023-2313 · Microsoft · Windows Dns Server+1

George Hughey

·

Published

2023-04-11

·

Updated

2024-05-29

·

CVE-2023-28305

CVSS v2.0

7.6

High

VectorAV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Windows DNS Server versions (affected versions not specified)
Description The issue is caused by a race condition situation. It allows a remote attacker to execute arbitrary code.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

BDU:2023-02077
CVE-2023-28305

Affected Products

Windows
Windows Dns Server