Arbitrary code execution in Windows Server DHCP

Published: 2017-09-12 22:38:32 | Updated: 2017-09-12 22:45:04
Severity: Low
Patch available: Yes
Number of vulnerabilities: 1
CVSSv2: 6.1 (AV:A/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
CVSSv3: 8.3 [CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE ID: CVE-2017-8686
CWE ID: CWE-20
Exploitation vector: Local network
Public exploit: Not available
Vulnerable software: Windows Server
Vulnerable software versions: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
Vendor URL: Microsoft
Advisory type: Public

Security Advisory

1) Improper input validation

Description

The vulnerability allows an adjacent attacker to execute arbitrary code on the target system.

The vulnerability exists in the Windows Server DHCP service due to improper validation of user-supplied input. An attacker on the adjacent network can send specially crafted packets to a DHCP failover server and either run arbitrary code on that server or cause the DHCP service to become nonresponsive.

Successful exploitation of this vulnerability may result in system compromise.

Remediation

Install updates from the vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8686