CVE-2023-28302
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Apr 11, 2023
Updated: Jan 1, 2025
CWE ID 20
Summary
CVE-2023-28302 is a newly disclosed Denial of Service (DoS) vulnerability affecting Microsoft Message Queuing (MSMQ). Attackers can exploit this issue by sending specially crafted MSMQ messages to target systems, leading to a memory leak and excessive CPU usage. This results in a DoS condition, making the affected MSMQ service unresponsive and potentially causing service interruptions. Microsoft has released a security update to address this vulnerability, and administrators are urged to apply it as soon as possible to mitigate potential risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share