all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-28231: RCE in the Microsoft Windows DHCPv6 Service

Add to bookmarks
May 2, 2023, 4:09 p.m. | Trend Micro Research Team

Zero Day Initiative - Blog www.zerodayinitiative.com

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Lucas Miller of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the Microsoft Windows DHCPv6 Service. This bug was originally discovered by YanZiShuang@BigCJTeam of cyberkl. The vulnerability results from the improper processing of DHCPv6 Relay-forward messages. A network-adjacent attacker can leverage this vulnerability to execute code in the context of the DHCP service. The following is a portion of …

blog post bug code code execution cve cve-2023-28231 dhcpv6 micro microsoft microsoft windows miller rce remote code remote code execution report research results service team trend trend micro vulnerability vulnerability research windows

Visit resource

More from www.zerodayinitiative.com / Zero Day Initiative - Blog

CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud 2 days, 13 hours ago | www.zerodayinitiative.com
abusing blog blog post bug +23
MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI) 1 week, 2 days ago | www.zerodayinitiative.com
attack automotive blog blog post +12
The May 2024 Security Update Review 2 weeks, 4 days ago | www.zerodayinitiative.com
adobe blog post can check +16
CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own 3 weeks, 2 days ago | www.zerodayinitiative.com
april blog blog post bug +18
CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome 4 weeks, 2 days ago | www.zerodayinitiative.com
blog blog post browsers bug +20
CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability 1 month, 2 weeks ago | www.zerodayinitiative.com
amp blog post bug code +25
The April 2024 Security Updates Review 1 month, 3 weeks ago | www.zerodayinitiative.com
adobe april blog post can +12
Pwn2Own Vancouver 2024 - Day Two Results 2 months, 1 week ago | www.zerodayinitiative.com
blog post chrome edge event +10
Pwn2Own Vancouver 2024 - Day One Results 2 months, 1 week ago | www.zerodayinitiative.com
blog blog post browser day one +11

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com