What is the severity of CVE-2023-35641?

CVE-2023-35641 has a critical severity rating due to its potential for remote code execution.

How do I fix CVE-2023-35641?

To fix CVE-2023-35641, apply the latest security patches from Microsoft for the affected versions of Windows.

Which products are affected by CVE-2023-35641?

CVE-2023-35641 affects Microsoft Windows 10, Windows 11, and various versions of Windows Server.

Can CVE-2023-35641 lead to data loss?

Yes, if exploited, CVE-2023-35641 could potentially lead to data loss or unauthorized access to sensitive information.

Is there a workaround for CVE-2023-35641?

There are no official workarounds for CVE-2023-35641; applying security updates is the recommended action.

Vulnerability/
CVE-2023-35641

high

8.8

CWE

682

12/12/2023

1/1/2025

CVE-2023-35641: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

First published: Tue Dec 12 2023(Updated: )

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 11	=23H2	fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows Server 2008 R2		fix available externally fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows 11	=23H2	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows Server 2008 R2		fix available externally fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2012 x64		fix available externally
Microsoft Windows Server 2012 x64		fix available externally
Microsoft Windows Server 2022 23H2		fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows Server 2008 Itanium		fix available externally fix available externally
Microsoft Windows 10 1507	<10.0.10240.20345
Microsoft Windows 10 Version 1607 x86	<10.0.14393.6529
Microsoft Windows 10 1809	<10.0.17763.5206
Microsoft Windows 10 21h2	<10.0.19041.3803
Microsoft Windows 10 22h2	<10.0.19045.3803
Microsoft Windows 11 21h2	<10.0.22000.2652
Microsoft Windows 11 22h2	<10.0.22621.2861
Microsoft Windows 11 23h2	<10.0.22631.2861
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=r2-sp1
Microsoft Windows Server 2012 x64
Microsoft Windows Server 2012 x64	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Apple WebKit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
Adobe Illustrator CC
Adobe InDesign
Adobe Dimension
Adobe Experience Manager
Adobe Substance 3D Stager
Adobe Substance 3D Sampler
Adobe Substance 3D After Effects
Adobe Substance 3D Designer
Android
SAP Business Technology Platform (SAP BTP)
Atlassian Bamboo Server
Atlassian Bitbucket
Atlassian Jira Core
Atlassian Confluence Server/Data Center
Atlassian Confluence Server and Data Server
Apache Struts
VMware Workspace ONE Launcher
FortiGuard FortiOS
FortiGuard FortiPAM

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35641

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35641 (Advisory)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2023-35641?
CVE-2023-35641 has a critical severity rating due to its potential for remote code execution.
How do I fix CVE-2023-35641?
To fix CVE-2023-35641, apply the latest security patches from Microsoft for the affected versions of Windows.
Which products are affected by CVE-2023-35641?
CVE-2023-35641 affects Microsoft Windows 10, Windows 11, and various versions of Windows Server.
Can CVE-2023-35641 lead to data loss?
Yes, if exploited, CVE-2023-35641 could potentially lead to data loss or unauthorized access to sensitive information.
Is there a workaround for CVE-2023-35641?
There are no official workarounds for CVE-2023-35641; applying security updates is the recommended action.

collector/msrc
agent/type
agent/first-publish-date
source/Microsoft
collector/msrc-cve
agent/software-canonical-lookup
agent/severity
agent/remedy
agent/title
agent/author
agent/references
agent/description
agent/software-canonical-lookup-request
agent/weakness
agent/trending
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/event
collector/nvd-api
source/NVD
agent/softwarecombine
agent/tags
zeroday/true
vendor/microsoft
canonical/microsoft windows 11
version/microsoft windows 11/21h2
canonical/microsoft windows 10
version/microsoft windows 10/21h2
canonical/microsoft windows server 2022
version/microsoft windows 11/22h2
version/microsoft windows 11/23h2
version/microsoft windows 10/1607
version/microsoft windows 10/1809
version/microsoft windows 10/22h2
canonical/microsoft windows server 2008 r2
canonical/microsoft windows server 2019
canonical/microsoft windows server 2012 r2
canonical/microsoft windows server 2016
canonical/microsoft windows server 2012 x64
canonical/microsoft windows server 2022 23h2
canonical/microsoft windows server 2008 itanium
canonical/microsoft windows 10 1507
canonical/microsoft windows 10 version 1607 x86
canonical/microsoft windows 10 1809
canonical/microsoft windows 10 21h2
canonical/microsoft windows 10 22h2
canonical/microsoft windows 11 21h2
canonical/microsoft windows 11 22h2
canonical/microsoft windows 11 23h2
version/microsoft windows server 2008 itanium/sp2
version/microsoft windows server 2008 itanium/r2-sp1
version/microsoft windows server 2012 x64/r2
vendor/apple
canonical/apple webkit
canonical/microsoft power platform
canonical/microsoft azure logic apps
canonical/microsoft windows
vendor/adobe
canonical/adobe prelude
canonical/adobe illustrator cc
canonical/adobe indesign
canonical/adobe dimension
canonical/adobe experience manager
canonical/adobe substance 3d stager
canonical/adobe substance 3d sampler
canonical/adobe substance 3d after effects
canonical/adobe substance 3d designer
vendor/google
canonical/android
vendor/sap
canonical/sap business technology platform (sap btp)
vendor/atlassian
canonical/atlassian bamboo server
canonical/atlassian bitbucket
canonical/atlassian jira core
canonical/atlassian confluence server/data center
canonical/atlassian confluence server and data server
vendor/cisco
canonical/apache struts
vendor/vmware
canonical/vmware workspace one launcher
vendor/fortiguard
canonical/fortiguard fortios
canonical/fortiguard fortipam