CVE-2023-28224

Published Apr 11, 2023

Last updated 6 months ago

Overview

Description: Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.1
Impact score: 5.9
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
secure@microsoft.com: CWE-591

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7AA917B-149D-4462-85A6-E1E8D4AF7836",
            "versionEndExcluding": "10.0.10240.19869"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3845BA8-1885-4B32-A069-9CD95E9895A6",
            "versionEndExcluding": "10.0.14393.5850"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC646C31-F80E-4BED-B15F-671250530066",
            "versionEndExcluding": "10.0.17763.4252"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77610DFA-2CAF-4B06-AAA8-2387233A35FA",
            "versionEndExcluding": "10.0.19042.2846"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28B6B095-4CE2-4612-A977-072C464D7157",
            "versionEndExcluding": "10.0.19044.2846"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8D3C91C-C19E-49D4-91DC-6C59086DE344",
            "versionEndExcluding": "10.0.19045.2846"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "672CF584-309F-4F28-9E3A-545C0138F5EA",
            "versionEndExcluding": "10.0.22000.1817"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F47239E8-AEB6-4E79-91DB-51238D4368B2",
            "versionEndExcluding": "10.0.22621.1555"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References