Microsoft Security Bulletin Coverage for March 2023

The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of March 2023. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2023-23410 Windows HTTP.sys Elevation of Privilege Vulnerability
ASPY 424: Exploit-exe exe.MP_304

CVE-2023-23415 Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
IPS 1265: Suspicious ICMP Traffic 2

CVE-2023-23416 Windows Cryptographic Services Remote Code Execution Vulnerability
ASPY 425: Malformed-File pfx.MP.1

CVE-2023-24880 Windows SmartScreen Security Feature Bypass Vulnerability
GAV 37203: CVE-2023-24880.A
GAV 37204: CVE-2023-24880.B

CVE-2023-23397 Microsoft Outlook Elevation of Privilege Vulnerability
ASPY 429: Malformed-msg msg.MP_1 (CVE-2023-23397)
ASPY 430: Malformed-msg msg.MP_2 (CVE-2023-23397)
SonicWall Capture ATP with RTDMI

The following vulnerabilities do not have exploits in the wild:
CVE-2023-21708 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23383 Service Fabric Explorer Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-23385 Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23388 Windows Bluetooth Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23389 Microsoft Defender Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23391 Office for Android Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-23392 HTTP Protocol Stack Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23393 Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23394 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-23395 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-23396 Microsoft Excel Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-23398 Microsoft Excel Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-23399 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23400 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23401 Windows Media Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23402 Windows Media Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23403 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23404 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23405 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23406 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23407 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23408 Azure Apache Ambari Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2023-23409 Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-23411 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-23412 Windows Accounts Picture Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23413 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23414 Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-23417 Windows Partition Management Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23418 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23419 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23420 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23421 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23422 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-23423 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-24856 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24857 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24858 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24859 Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-24861 Windows Graphics Component Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-24862 Windows Secure Channel Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2023-24863 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24864 Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-24865 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24866 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24867 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24868 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24869 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24870 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24871 Windows Bluetooth Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24872 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24876 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24879 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-24882 Microsoft OneDrive for Android Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24890 Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2023-24891 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-24906 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24907 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24908 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24909 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24910 Windows Graphics Component Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2023-24911 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24913 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2023-24919 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-24920 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2023-24922 Microsoft Dynamics 365 Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24923 Microsoft OneDrive for Android Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2023-24930 Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.