Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-35350

Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability

CVE
#vulnerability#windows#rce

Related news

Microsoft Patch Tuesday July 2023: Vulristics improvements, Office RCE, SFB SmartScreen and Outlook, EoP MSHTML and ERS, other RCEs

Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays. Alternative video link (for Russia): https://vk.com/video-149273431_456239131 As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. Vulristics improvements I optimized the detection of the vulnerable product and the type […]

CVE-2023-35350: Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker with Certificate Authority (CA) read access permissions can send a specially crafted request to a vulnerable Certificate Server. By default, only domain administrators are granted CA read access.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907