Описание
A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.
To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.
The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.
Уязвимость реализации стека протоколов TCP/IP операционной системы Windows, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3
5.8 Medium
CVSS2