CVE-2023-21569
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-29353 is a denial-of-service vulnerability affecting Sysinternals Process Monitor for Windows. An attacker can exploit this issue by sending crafted network packets to the target system, resulting in a resource exhaustion condition. The vulnerability lies in the way Process Monitor handles certain network packets, allowing an attacker to cause excessive CPU usage and potentially crash the application. This can lead to a denial-of-service condition, making it difficult or impossible for legitimate users to access the affected system. It is essential for Windows users to update their Sysinternals Process Monitor installation to the latest version, which includes a patch for this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Azure DevOps
Affected Vendors
- Microsoft