Microsoft Internet Control Message Protocol (ICMP) Remote Code Execution (RCE) Vulnerability - 20230315002
Overview
The WA SOC has received information regarding a new vulnerability found in Microsoft Internet Control Message Protocol (ICMP) which elevates the risks to organisations.
What is the vulnerability?
CVE-2023-23415 - Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
An attacker could send a low-level protocol error containing a fragmented IP packet inside another ICMP packet in its header to the target machine. To trigger the vulnerable code path, an application on the target must be bound to a raw socket.
What is vulnerable?
The vulnerability affects the following products:
No. | Product | Impact | Severity | Build Number | Download |
---|---|---|---|---|---|
1 | Windows Server 2012 R2 (Server Core installation) | Remote Code Execution | Critical | 6.3.9600.20865 | Monthly Rollup, Security Only |
2 | Windows Server 2012 R2 | Remote Code Execution | Critical | 6.3.9600.20865 | Monthly Rollup, Security Only |
3 | Windows Server 2012 (Server Core installation) | Remote Code Execution | Critical | 6.2.9200.24168 | Monthly Rollup, Security Only |
4 | Windows Server 2012 | Remote Code Execution | Critical | 6.2.9200.24168 | Monthly Rollup, Security Only |
5 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Remote Code Execution | Critical | 6.1.7601.26415 | Monthly Rollup, Security Only |
6 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Remote Code Execution | Critical | 6.1.7601.26415 | Monthly Rollup, Security Only |
7 | Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Remote Code Execution | Critical | 6.0.6003.21966 | Monthly Rollup, Security Only |
8 | Windows Server 2008 for x64-based Systems Service Pack 2 | Remote Code Execution | Critical | 6.0.6003.21966 | Monthly Rollup, Security Only |
9 | Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Remote Code Execution | Critical | 6.0.6003.21966 | Monthly Rollup, Security Only |
10 | Windows Server 2008 for 32-bit Systems Service Pack 2 | Remote Code Execution | Critical | 6.0.6003.21966 | Monthly Rollup, Security Only |
11 | Windows Server 2016 (Server Core installation) | Remote Code Execution | Critical | 10.0.14393.5786 | Security Update |
12 | Windows Server 2016 | Remote Code Execution | Critical | 10.0.14393.5786 | Security Update |
13 | Windows 10 Version 1607 for x64-based Systems | Remote Code Execution | Critical | 10.0.14393.5786 | Security Update |
14 | Windows 10 Version 1607 for 32-bit Systems | Remote Code Execution | Critical | 10.0.14393.5786 | Security Update |
15 | Windows 10 for x64-based Systems | Remote Code Execution | Critical | 10.0.10240.19805 | Security Update |
16 | Windows 10 for 32-bit Systems | Remote Code Execution | Critical | 10.0.10240.19805 | Security Update |
17 | Windows 10 Version 22H2 for 32-bit Systems | Remote Code Execution | Critical | 10.0.19045.2728 | Security Update |
18 | Windows 10 Version 22H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.19045.2728 | Security Update |
19 | Windows 10 Version 22H2 for x64-based Systems | Remote Code Execution | Critical | 10.0.19045.2728 | Security Update |
20 | Windows 11 Version 22H2 for x64-based Systems | Remote Code Execution | Critical | 10.0.22000.1413 | Security Update |
21 | Windows 11 Version 22H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.22000.1413 | Security Update |
22 | Windows 10 Version 21H2 for x64-based Systems | Remote Code Execution | Critical | 10.0.19044.2728 | Security Update |
23 | Windows 10 Version 21H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.19044.2728 | Security Update |
24 | Windows 10 Version 21H2 for 32-bit Systems | Remote Code Execution | Critical | 10.0.19044.2728 | Security Update |
25 | Windows 11 version 21H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.22000.1696 | Security Update |
26 | Windows 11 version 21H2 for x64-based Systems | Remote Code Execution | Critical | 10.0.22000.1696 | Security Update |
27 | Windows 10 Version 20H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.19042.2728 | Security Update |
28 | Windows 10 Version 20H2 for 32-bit Systems | Remote Code Execution | Critical | 10.0.19042.2728 | Security Update |
29 | Windows 10 Version 20H2 for x64-based Systems | Remote Code Execution | Critical | 10.0.19042.2728 | Security Update |
30 | Windows Server 2022 (Server Core installation) | Remote Code Execution | Critical | 10.0.20348.1607 | Security Update |
31 | Windows Server 2022 (Server Core installation) | Remote Code Execution | Critical | 10.0.20348.1600 | AzureHotpatch |
32 | Windows Server 2022 | Remote Code Execution | Critical | 10.0.20348.1607 | Security Update |
33 | Windows Server 2022 | Remote Code Execution | Critical | 10.0.20348.1600 | AzureHotpatch |
34 | Windows Server 2019 (Server Core installation) | Remote Code Execution | Critical | 10.0.17763.4131 | Security Update |
35 | Windows Server 2019 | Remote Code Execution | Critical | 10.0.17763.4131 | Security Update |
36 | Windows 10 Version 1809 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.17763.4131 | Security Update |
37 | Windows 10 Version 1809 for x64-based Systems | Remote Code Execution | Critical | 10.0.17763.4131 | Security Update |
38 | Windows 10 Version 1809 for 32-bit Systems | Remote Code Execution | Critical | 10.0.17763.4131 | Security Update |
Recommendation
The WA SOC recommends administrators apply the updates as per vendor instructions to all affected products.
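To confirm the updates have landed, the following added example (not part of the WA SOC advisory or Microsoft's guidance) triages an inventory of Windows version strings against the build numbers in the table above. It assumes the inventory reports four-part versions such as 10.0.17763.4131; the host names and the sample revisions below the listed builds are constructed.

```python
# Branch (major.minor.build) -> fixed revisions listed in the advisory table.
# 10.0.20348 and 10.0.22000 each appear with two values, so both are kept.
FIXED_REVISIONS = {
    "6.0.6003": [21966], "6.1.7601": [26415],
    "6.2.9200": [24168], "6.3.9600": [20865],
    "10.0.10240": [19805], "10.0.14393": [5786],
    "10.0.17763": [4131], "10.0.19042": [2728],
    "10.0.19044": [2728], "10.0.19045": [2728],
    "10.0.20348": [1600, 1607],  # AzureHotpatch row, Security Update row
    "10.0.22000": [1413, 1696],  # two Windows 11 rows with different builds
}

def parse_version(text):
    """Split 'a.b.c.d' into ('a.b.c', d); reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        raise ValueError(f"not a four-part version: {text!r}")
    return ".".join(parts[:3]), int(parts[3])

def classify(version):
    """Return patched, review, vulnerable, not-listed or invalid."""
    try:
        branch, revision = parse_version(version)
    except ValueError:
        return "invalid"
    listed = FIXED_REVISIONS.get(branch)
    if listed is None:
        return "not-listed"          # branch absent from the advisory table
    if revision >= max(listed):
        return "patched"
    if revision >= min(listed):
        return "review"              # meets only the lower listed row
    return "vulnerable"

def triage(inventory):
    """Group (host, version) pairs by classification."""
    report = {}
    for host, version in inventory:
        report.setdefault(classify(version), []).append(host)
    return report

# Constructed sample inventory (hosts and below-fix revisions are made up).
SAMPLE_INVENTORY = [
    ("srv-a", "10.0.17763.4131"), ("srv-b", "10.0.17763.3887"),
    ("srv-c", "10.0.20348.1600"), ("wks-d", "10.0.19045.2604"),
    ("wks-e", "10.0.22621.1413"), ("old-f", "6.3.9600"),
]

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status}: {', '.join(hosts)}")
```

Hosts in the "review" group match only the lower of two listed builds for their branch, so check which table row applies to them before treating them as updated.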