Tag
#Microsoft Windows DNS
CVE-2023-28223: Windows Domain Name Service Remote Code Execution Vulnerability
**How could an attacker exploit this vulnerability?** In a network-based attack an attacker would need to have the privileges to query the Domain Name Service (DNS). If the timing of DNS queries is perfect, the attacker could execute code remotely on the target server.
CVE-2023-28305: Windows DNS Server Remote Code Execution Vulnerability
**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.