all InfoSec news
CVE-2023-28231: RCE in the Microsoft Windows DHCPv6 Service
Zero Day Initiative - Blog www.zerodayinitiative.com
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Lucas Miller of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the Microsoft Windows DHCPv6 Service. This bug was originally discovered by YanZiShuang@BigCJTeam of cyberkl. The vulnerability results from the improper processing of DHCPv6 Relay-forward messages. A network-adjacent attacker can leverage this vulnerability to execute code in the context of the DHCP service. The following is a portion of …
blog post bug code code execution cve cve-2023-28231 dhcpv6 micro microsoft microsoft windows miller rce remote code remote code execution report research results service team trend trend micro vulnerability vulnerability research windows