CVE-2023-21712

CVSS v3.1 8.1 (High)

EPSS 1.08 % (85^th)

Affected Products 15

Advisories 1

NVD Status Modified

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE Status: PUBLISHED
NVD Status: Modified
CNA: Microsoft Corporation
Published Date: 2023-04-27 19:15:13
(17 months ago)
Updated Date: 2024-05-29 03:15:23
(3 months ago)

Affected Products

Microsoft

Configuration #1

		CPE23	From	Up To
	Microsoft Windows 10 prior 10.0.10240.19562 version	cpe:2.3:o:microsoft:windows_10		< 10.0.10240.19562
	Microsoft Windows 10 1607 prior 10.0.14393.5501 version	cpe:2.3:o:microsoft:windows_10_1607		< 10.0.14393.5501
	Microsoft Windows 10 1809 prior 10.0.17763.3650 version	cpe:2.3:o:microsoft:windows_10_1809		< 10.0.17763.3650
	Microsoft Windows 10 20h2 prior 10.0.19042.2251 version	cpe:2.3:o:microsoft:windows_10_20h2		< 10.0.19042.2251
	Microsoft Windows 10 21h1 prior 10.0.19043.2251 version	cpe:2.3:o:microsoft:windows_10_21h1		< 10.0.19043.2251
	Microsoft Windows 10 21h2 prior 10.0.19044.2251 version	cpe:2.3:o:microsoft:windows_10_21h2		< 10.0.19044.2251
	Microsoft Windows 10 22h2 prior 10.0.19045.2486 version	cpe:2.3:o:microsoft:windows_10_22h2		< 10.0.19045.2486
	Microsoft Windows 11 21h2 prior 10.0.22000.1219 version	cpe:2.3:o:microsoft:windows_11_21h2		< 10.0.22000.1219
	Microsoft Windows 11 22h2 prior 10.0.22000.819 version	cpe:2.3:o:microsoft:windows_11_22h2		< 10.0.22000.819
	Microsoft Windows 8.1	cpe:2.3:o:microsoft:windows_8.1:-
	Microsoft Windows Rt 8.1	cpe:2.3:o:microsoft:windows_rt_8.1:-
	Microsoft Windows Server 2012	cpe:2.3:o:microsoft:windows_server_2012:-
	Microsoft Windows Server 2012 R2	cpe:2.3:o:microsoft:windows_server_2012:r2
	Microsoft Windows Server 2016	cpe:2.3:o:microsoft:windows_server_2016:-
	Microsoft Windows Server 2019	cpe:2.3:o:microsoft:windows_server_2019:-
	Microsoft Windows Server 2022	cpe:2.3:o:microsoft:windows_server_2022:-