PT-2023-2436 · Microsoft · Windows Secure Channel+1

Jarvis_1Oop

Published

2023-04-11

Updated

2024-05-29

CVE-2023-24931

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Windows Secure Channel (affected versions not specified)

Description The issue is related to insufficient input validation in the Windows Secure Channel component of Windows operating systems. Exploitation of this issue may allow a remote attacker to cause a denial of service using specially crafted data. A denial-of-service vulnerability allows attackers to affect the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-125

Related Identifiers

BDU:2023-02221

CVE-2023-24931

Affected Products

Windows

Windows Secure Channel

PT-2023-2436 · Microsoft · Windows Secure Channel+1

CVE-2023-24931

Weakness Enumeration

Related Identifiers

Affected Products

References · 8