Headline
CVE-2023-29372: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
How could an attacker exploit this vulnerability?
An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.