CVE-2023-28231

Name of the Vulnerable Software and Affected Versions Windows versions 2008 R2 SP1 through 2019

Description The issue is related to insufficient input validation in the Windows DHCP server service, allowing remote attackers to execute arbitrary code. This can be achieved through remote procedure calls. The estimated number of potentially affected devices is not specified.

Recommendations For Windows versions 2008 R2 SP1 through 2019, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the DHCP server service until a patch is available. Avoid using remote procedure calls to the DHCP server service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.