Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-21554

9.8CRITICAL

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022
Vendor: CVE Published:; 11 April 2023

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 92%

Summary

A vulnerability has been identified in Microsoft Message Queuing that allows unauthorized remote code execution. An attacker could exploit this vulnerability by sending malicious commands, potentially allowing them to take control of affected systems. It is crucial for organizations to assess their environment for the presence of this vulnerability and apply necessary security measures to mitigate risks.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.19869

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.5850

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.4252

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-21554-PoC
Created by zoemurmure

CVE-2023-21554
Created by 3tternp

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

92% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Aug 17, 2023
👾
Exploit known to exist
Aug 17, 2023
Vulnerability published
Apr 11, 2023
Vulnerability Reserved
Dec 1, 2022