Remote code execution in Microsoft Internet Connection Sharing (ICS)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-38148 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Windows Server Operating systems & Components / Operating system Windows Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Input validation error
EUVDB-ID: #VU80715
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2023-38148
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in Internet Connection Sharing (ICS). A remote attacker on the local network can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows Server: 2019 - 2022 20H2
Windows: 10 - 11 22H2
CPE2.3 External linkshttp://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-38148
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
