cvelistv5 - cve-2023-1018

CVE-2023-1018 (GCVE-0-2023-1018)

Vulnerability from cvelistv5

Published

2023-02-28 17:54

Modified

2025-11-04 19:14

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-125 Out-of-bounds Read

Summary

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.

References

URL

Tags

	https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf
	https://trustedcomputinggroup.org/about/security/
	https://kb.cert.org/vuls/id/782720

Impacted products

Vendor

Product

Version

Trusted Computing Group

TPM2.0

Version: 1.59

	Trusted Computing Group	TPM2.0	Version: 1.38
	Trusted Computing Group	TPM2.0	Version: 1.16

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:39.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TCG TPM2.0 Errata Version 1.4",
            "tags": [
              "x_transferred"
            ],
            "url": "https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf"
          },
          {
            "name": "TCG Security Advisories",
            "tags": [
              "x_transferred"
            ],
            "url": "https://trustedcomputinggroup.org/about/security/"
          },
          {
            "name": "CERT/CC Advisory VU#782720",
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/782720"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/782720"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-1018",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-07T18:38:17.368376Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-07T18:38:47.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "TPM2.0",
          "vendor": "Trusted Computing Group",
          "versions": [
            {
              "status": "affected",
              "version": "1.59"
            }
          ]
        },
        {
          "product": "TPM2.0",
          "vendor": "Trusted Computing Group",
          "versions": [
            {
              "status": "affected",
              "version": "1.38"
            }
          ]
        },
        {
          "product": "TPM2.0",
          "vendor": "Trusted Computing Group",
          "versions": [
            {
              "status": "affected",
              "version": "1.16"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Francisco Falcon of Quarkslab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read vulnerability exists in TPM2.0\u0027s Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-28T19:08:19.512Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "TCG TPM2.0 Errata Version 1.4 ",
          "url": "https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf"
        },
        {
          "name": "TCG Security Advisories",
          "url": "https://trustedcomputinggroup.org/about/security/"
        },
        {
          "name": "CERT/CC Advisory VU#782720",
          "url": "https://kb.cert.org/vuls/id/782720"
        }
      ],
      "source": {
        "discovery": "external"
      },
      "title": "TPM2.0 vulnerable to out-of-bounds read ",
      "x_generator": {
        "engine": "VINCE 2.0.6",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1018"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2023-1018",
    "datePublished": "2023-02-28T17:54:33.260Z",
    "dateReserved": "2023-02-24T16:06:48.994Z",
    "dateUpdated": "2025-11-04T19:14:39.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf\", \"name\": \"TCG TPM2.0 Errata Version 1.4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://trustedcomputinggroup.org/about/security/\", \"name\": \"TCG Security Advisories\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://kb.cert.org/vuls/id/782720\", \"name\": \"CERT/CC Advisory VU#782720\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/782720\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T19:14:39.612Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-1018\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-07T18:38:17.368376Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-07T18:38:42.408Z\"}}], \"cna\": {\"title\": \"TPM2.0 vulnerable to out-of-bounds read \", \"source\": {\"discovery\": \"external\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Francisco Falcon of Quarkslab\"}], \"affected\": [{\"vendor\": \"Trusted Computing Group\", \"product\": \"TPM2.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.59\"}]}, {\"vendor\": \"Trusted Computing Group\", \"product\": \"TPM2.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.38\"}]}, {\"vendor\": \"Trusted Computing Group\", \"product\": \"TPM2.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.16\"}]}], \"references\": [{\"url\": \"https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf\", \"name\": \"TCG TPM2.0 Errata Version 1.4 \"}, {\"url\": \"https://trustedcomputinggroup.org/about/security/\", \"name\": \"TCG Security Advisories\"}, {\"url\": \"https://kb.cert.org/vuls/id/782720\", \"name\": \"CERT/CC Advisory VU#782720\"}], \"x_generator\": {\"env\": \"prod\", \"engine\": \"VINCE 2.0.6\", \"origin\": \"https://cveawg.mitre.org/api/cve/CVE-2023-1018\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An out-of-bounds read vulnerability exists in TPM2.0\u0027s Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"shortName\": \"certcc\", \"dateUpdated\": \"2023-02-28T19:08:19.512Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-1018\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T19:14:39.612Z\", \"dateReserved\": \"2023-02-24T16:06:48.994Z\", \"assignerOrgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"datePublished\": \"2023-02-28T17:54:33.260Z\", \"assignerShortName\": \"certcc\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2023-AVI-0232

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données, un déni de service, un contournement de la fonctionnalité de sécurité et une exécution de code à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2022
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2022 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes ARM64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes ARM64
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows 11 version 21H2 pour systèmes x64
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes x64
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes x64
Microsoft	Windows	Windows 11 version 21H2 pour systèmes ARM64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes 32 bits
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes ARM64
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes ARM64
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes ARM64
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes x64

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 14 mars 2023	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2023-23410 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24865 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23407 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23403 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23393 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23413 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23394 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24910 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-21708 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23421 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23412 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24859 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24866 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24868 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24864 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23416 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23401 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24856 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24880 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24863 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24911 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23385 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24872 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24862 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23392 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23388 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23400 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24857 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23405 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23423 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23417 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24909 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23419 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24869 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23420 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23411 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24907 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24913 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23414 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24908 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23402 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23409 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23418 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24870 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23415 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23406 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-1018 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23422 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24858 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24861 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-23404 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24867 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-1017 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24876 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24871 du 14 mars 2023	-	other
Bulletin de sécurité Microsoft CVE-2023-24906 du 14 mars 2023	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2022",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 version 21H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes ARM64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-24859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24859"
    },
    {
      "name": "CVE-2023-24865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24865"
    },
    {
      "name": "CVE-2023-24870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24870"
    },
    {
      "name": "CVE-2023-23410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23410"
    },
    {
      "name": "CVE-2023-23415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23415"
    },
    {
      "name": "CVE-2023-23417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23417"
    },
    {
      "name": "CVE-2023-24913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24913"
    },
    {
      "name": "CVE-2023-24858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24858"
    },
    {
      "name": "CVE-2023-1018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1018"
    },
    {
      "name": "CVE-2023-23407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23407"
    },
    {
      "name": "CVE-2023-24906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24906"
    },
    {
      "name": "CVE-2023-24907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24907"
    },
    {
      "name": "CVE-2023-23419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23419"
    },
    {
      "name": "CVE-2023-23421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23421"
    },
    {
      "name": "CVE-2023-23393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23393"
    },
    {
      "name": "CVE-2023-23404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23404"
    },
    {
      "name": "CVE-2023-23422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23422"
    },
    {
      "name": "CVE-2023-24868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24868"
    },
    {
      "name": "CVE-2023-24862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24862"
    },
    {
      "name": "CVE-2023-24856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24856"
    },
    {
      "name": "CVE-2023-23405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23405"
    },
    {
      "name": "CVE-2023-24872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24872"
    },
    {
      "name": "CVE-2023-23388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23388"
    },
    {
      "name": "CVE-2023-23411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23411"
    },
    {
      "name": "CVE-2023-24866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24866"
    },
    {
      "name": "CVE-2023-24871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24871"
    },
    {
      "name": "CVE-2023-24911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24911"
    },
    {
      "name": "CVE-2023-23400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23400"
    },
    {
      "name": "CVE-2023-24863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24863"
    },
    {
      "name": "CVE-2023-23402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23402"
    },
    {
      "name": "CVE-2023-24880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24880"
    },
    {
      "name": "CVE-2023-24857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24857"
    },
    {
      "name": "CVE-2023-24861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24861"
    },
    {
      "name": "CVE-2023-24908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24908"
    },
    {
      "name": "CVE-2023-1017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1017"
    },
    {
      "name": "CVE-2023-23420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23420"
    },
    {
      "name": "CVE-2023-23418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23418"
    },
    {
      "name": "CVE-2023-23412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23412"
    },
    {
      "name": "CVE-2023-23385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23385"
    },
    {
      "name": "CVE-2023-23414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23414"
    },
    {
      "name": "CVE-2023-23423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23423"
    },
    {
      "name": "CVE-2023-21708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21708"
    },
    {
      "name": "CVE-2023-24867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24867"
    },
    {
      "name": "CVE-2023-24910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24910"
    },
    {
      "name": "CVE-2023-23416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23416"
    },
    {
      "name": "CVE-2023-23403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23403"
    },
    {
      "name": "CVE-2023-23392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23392"
    },
    {
      "name": "CVE-2023-23401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23401"
    },
    {
      "name": "CVE-2023-23409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23409"
    },
    {
      "name": "CVE-2023-23413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23413"
    },
    {
      "name": "CVE-2023-24876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24876"
    },
    {
      "name": "CVE-2023-24864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24864"
    },
    {
      "name": "CVE-2023-23406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23406"
    },
    {
      "name": "CVE-2023-24909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24909"
    },
    {
      "name": "CVE-2023-24869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24869"
    },
    {
      "name": "CVE-2023-23394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23394"
    }
  ],
  "initial_release_date": "2023-03-15T00:00:00",
  "last_revision_date": "2023-03-15T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23410 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23410"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24865 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24865"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23407 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23407"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23403 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23403"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23393 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23393"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23413 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23413"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23394 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23394"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24910 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24910"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-21708 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21708"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23421 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23421"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23412 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23412"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24859 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24859"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24866 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24866"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24868 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24868"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24864 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24864"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23416 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23416"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23401 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23401"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24856 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24856"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24880 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24880"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24863 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24863"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24911 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24911"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23385 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23385"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24872 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24872"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24862 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24862"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23392 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23392"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23388 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23388"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23400 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23400"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24857 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24857"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23405 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23405"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23423 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23423"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23417 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23417"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24909 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24909"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23419 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23419"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24869 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24869"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23420 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23420"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23411 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23411"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24907 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24907"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24913 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24913"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23414 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23414"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24908 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24908"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23402 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23402"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23409 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23409"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23418 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23418"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24870 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24870"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23415 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23406 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23406"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-1018 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1018"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23422 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23422"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24858 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24858"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24861 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24861"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-23404 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23404"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24867 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24867"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-1017 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1017"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24876 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24876"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24871 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24871"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24906 du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24906"
    }
  ],
  "reference": "CERTFR-2023-AVI-0232",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-03-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, un d\u00e9ni de service, un contournement de la\nfonctionnalit\u00e9 de s\u00e9curit\u00e9 et une ex\u00e9cution de code \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 mars 2023",
      "url": "https://msrc.microsoft.com/update-guide/"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-1018 (GCVE-0-2023-1018)

Vulnerability from cvelistv5

CERTFR-2023-AVI-0232

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature