網(wǎng)間控制報文協(xié)議 (ICMP) 遠(yuǎn)程代碼執(zhí)行漏洞
- CNNVD編號:未知
- 危害等級: 超危
- CVE編號:CVE-2023-23415
- 漏洞類型: 未知
- 威脅類型:未知
- 廠 商:未知
- 漏洞來源:深信服
- 發(fā)布時間:2023-03-21
- 更新時間:2023-03-21
漏洞簡介
2023 年 3 月 15 日,深信服安全團隊監(jiān)測到一則 Windows TCP/IP協(xié)議棧組件存在網(wǎng)間控制報文協(xié)議(ICMP)遠(yuǎn)程代碼執(zhí)行漏洞的信息,漏洞編號:CVE-2023-23415,漏洞威脅等級:嚴(yán)重。
該漏洞是由于判斷不嚴(yán)格,攻擊者可利用該漏洞在未授權(quán)的情況下,構(gòu)造惡意數(shù)據(jù)執(zhí)行遠(yuǎn)程代碼執(zhí)行攻擊,最終獲取服務(wù)器最高權(quán)限
漏洞公示
暫無
參考網(wǎng)站
暫無
受影響實體
目前受影響的 Windows 版本:
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack
(Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack
(Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack
Windows Server 2008 R2 for x64-based Systems Service Pack
Windows Server 2008 for x64-based Systems Service Pack 2
(Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
(Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
(Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
(Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 10 Version 20H2 for ARM64-based Systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
補丁
解決方案
修復(fù)建議
1.如何檢測補丁安裝情況
在“設(shè)置”-“更新與安全”-“Windows 更新”-“查看更新歷史
記錄”-“質(zhì)量更新”中檢查是否存在 2023-03 的更新。
或在命令行(cmd)中執(zhí)行 systeminfo,檢查是否有漏洞對應(yīng)的補丁安裝。 該漏洞各版本的補丁可以在
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415
中安裝更新程序一欄中找到。
2.官方修復(fù)建議
當(dāng)前官方已發(fā)布受影響版本的對應(yīng)補丁,建議受影響的用戶及時
更新官方的安全補丁。鏈接如下:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415
打補丁/升級方法:
在“設(shè)置”-“更新與安全”-“Windows 更新”中選擇檢查更新
