CVE-2023-36028
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-36028 is a remote code execution vulnerability affecting Microsoft's Protected Extensible Authentication Protocol (PEAP). An attacker can exploit this issue by sending specially crafted PEAP packets to a target system, potentially gaining the ability to execute arbitrary code. Successful exploitation could lead to significant security risks, including data theft, unauthorized system access, or the installation of malware. Microsoft strongly recommends applying the available patch to mitigate this vulnerability. Organizations using PEAP for authentication should be aware of this critical issue and take immediate action to secure their networks. Exploitation of CVE-2023-36028 could result in a wide range of negative consequences, from minor inconveniences to severe data breaches. Microsoft has released a patch to address this vulnerability, and installing it is the most effective means of protection against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.