Main Vulnerability Database Exploits ID:9090 - Exploit for Out-of-bounds write in Windows and Windows Server - CVE-2023-21554

ID:9090 - Exploit for Out-of-bounds write in Windows and Windows Server - CVE-2023-21554

Published: June 7, 2023

Vulnerability identifier: #VU75011

Vulnerability risk: High

CVE-ID: CVE-2023-21554

CWE-ID: CWE-787

Exploitation vector: Remote access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://cpr-zero.checkpoint.com/vulns/cprid-2194/

Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in Microsoft Message Queuing. A remote attacker can send a specially crafted malicious MSMQ packet, trigger an out-of-bounds write and execute arbitrary code on the target system.

Remediation

Install updates from vendor's website.

ID:9090 - Exploit for Out-of-bounds write in Windows and Windows Server - CVE-2023-21554

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human