#Windows RPC API

CVE-2023-28297: Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #windows #Windows RPC API #Security Vulnerability

CVE-2023-21729: Remote Procedure Call Runtime Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #Windows RPC API #Security Vulnerability

CVE-2023-21727: Remote Procedure Call Runtime Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** To exploit this vulnerability, an unauthenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #rce #auth #Windows RPC API #Security Vulnerability

CVE-2023-21525: Remote Procedure Call Runtime Denial of Service Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #dos #Windows RPC API #Security Vulnerability

Tag

#Windows RPC API