What is the severity of CVE-2023-35630?

CVE-2023-35630 is classified as a critical severity vulnerability due to its remote code execution capabilities.

How do I fix CVE-2023-35630?

To fix CVE-2023-35630, apply the latest security updates provided by Microsoft for the affected Windows versions and products.

Which versions of Windows are affected by CVE-2023-35630?

CVE-2023-35630 affects multiple Windows versions including Windows Server 2008 R2, Windows 10, and Windows 11.

What type of vulnerability is CVE-2023-35630?

CVE-2023-35630 is a remote code execution vulnerability found in Internet Connection Sharing (ICS).

Can CVE-2023-35630 be exploited remotely?

Yes, CVE-2023-35630 can be exploited remotely, allowing an attacker to execute arbitrary code.

Vulnerability/
CVE-2023-35630

high

8.8

CWE

122

12/12/2023

1/1/2025

CVE-2023-35630: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

First published: Tue Dec 12 2023(Updated: )

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2008 R2		fix available externally fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows Server 2008 R2		fix available externally fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 11	=23H2	fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows 11	=23H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2012 x64		fix available externally
Microsoft Windows Server 2012 x64		fix available externally
Microsoft Windows Server 2022 23H2		fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows 10 1507	<10.0.10240.20345
Microsoft Windows 10 Version 1607 x86	<10.0.14393.6529
Microsoft Windows 10 1809	<10.0.17763.5206
Microsoft Windows 10 21h2	<10.0.19041.3803
Microsoft Windows 10 22h2	<10.0.19045.3803
Microsoft Windows 11 21h2	<10.0.22000.2652
Microsoft Windows 11 22h2	<10.0.22621.2861
Microsoft Windows 11 23h2	<10.0.22631.2861
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=r2-sp1
Microsoft Windows Server 2012 x64
Microsoft Windows Server 2012 x64	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows Server 2022 23H2	<10.0.25398.584
Apple WebKit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
Adobe Illustrator CC
Adobe InDesign
Adobe Dimension
Adobe Experience Manager
Adobe Substance 3D Stager
Adobe Substance 3D Sampler
Adobe Substance 3D After Effects
Adobe Substance 3D Designer
Android
SAP Business Technology Platform (SAP BTP)
Atlassian Bamboo Server
Atlassian Bitbucket
Atlassian Jira Core
Atlassian Confluence Server/Data Center
Atlassian Confluence Server and Data Server
Apache Struts
VMware Workspace ONE Launcher
FortiGuard FortiOS
FortiGuard FortiPAM

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630 (Advisory)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2023-35630?
CVE-2023-35630 is classified as a critical severity vulnerability due to its remote code execution capabilities.
How do I fix CVE-2023-35630?
To fix CVE-2023-35630, apply the latest security updates provided by Microsoft for the affected Windows versions and products.
Which versions of Windows are affected by CVE-2023-35630?
CVE-2023-35630 affects multiple Windows versions including Windows Server 2008 R2, Windows 10, and Windows 11.
What type of vulnerability is CVE-2023-35630?
CVE-2023-35630 is a remote code execution vulnerability found in Internet Connection Sharing (ICS).
Can CVE-2023-35630 be exploited remotely?
Yes, CVE-2023-35630 can be exploited remotely, allowing an attacker to execute arbitrary code.

collector/msrc
agent/type
agent/first-publish-date
source/Microsoft
collector/msrc-cve
agent/software-canonical-lookup
agent/title
agent/remedy
agent/references
agent/severity
agent/author
agent/description
agent/software-canonical-lookup-request
agent/weakness
agent/trending
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/event
collector/nvd-api
source/NVD
agent/softwarecombine
agent/tags
zeroday/true
vendor/microsoft
canonical/microsoft windows server 2008 r2
canonical/microsoft windows 10
version/microsoft windows 10/1809
version/microsoft windows 10/1607
canonical/microsoft windows 11
version/microsoft windows 11/22h2
version/microsoft windows 10/22h2
version/microsoft windows 10/21h2
version/microsoft windows 11/23h2
canonical/microsoft windows server 2022
version/microsoft windows 11/21h2
canonical/microsoft windows server 2019
canonical/microsoft windows server 2012 r2
canonical/microsoft windows server 2016
canonical/microsoft windows server 2012 x64
canonical/microsoft windows server 2022 23h2
canonical/microsoft windows server 2008 itanium
canonical/microsoft windows 10 1507
canonical/microsoft windows 10 version 1607 x86
canonical/microsoft windows 10 1809
canonical/microsoft windows 10 21h2
canonical/microsoft windows 10 22h2
canonical/microsoft windows 11 21h2
canonical/microsoft windows 11 22h2
canonical/microsoft windows 11 23h2
version/microsoft windows server 2008 itanium/sp2
version/microsoft windows server 2008 itanium/r2-sp1
version/microsoft windows server 2012 x64/r2
vendor/apple
canonical/apple webkit
canonical/microsoft power platform
canonical/microsoft azure logic apps
canonical/microsoft windows
vendor/adobe
canonical/adobe prelude
canonical/adobe illustrator cc
canonical/adobe indesign
canonical/adobe dimension
canonical/adobe experience manager
canonical/adobe substance 3d stager
canonical/adobe substance 3d sampler
canonical/adobe substance 3d after effects
canonical/adobe substance 3d designer
vendor/google
canonical/android
vendor/sap
canonical/sap business technology platform (sap btp)
vendor/atlassian
canonical/atlassian bamboo server
canonical/atlassian bitbucket
canonical/atlassian jira core
canonical/atlassian confluence server/data center
canonical/atlassian confluence server and data server
vendor/cisco
canonical/apache struts
vendor/vmware
canonical/vmware workspace one launcher
vendor/fortiguard
canonical/fortiguard fortios
canonical/fortiguard fortipam