CVE-2023-21569

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 14, 2023
Updated: May 29, 2024
CWE ID 94

Summary

CVE-2023-29353 is a denial-of-service vulnerability affecting Sysinternals Process Monitor for Windows. An attacker can exploit this issue by sending crafted network packets to the target system, resulting in a resource exhaustion condition. The vulnerability lies in the way Process Monitor handles certain network packets, allowing an attacker to cause excessive CPU usage and potentially crash the application. This can lead to a denial-of-service condition, making it difficult or impossible for legitimate users to access the affected system. It is essential for Windows users to update their Sysinternals Process Monitor installation to the latest version, which includes a patch for this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share