FILE Windows MSHTML Platform Elevation of Privilege Vulnerability (CVE-2023-32046)

Rule ID

1233205

Severity

High

Description

NTLM relay issue has been identified using IE's shortcutlinks. This vulnerability can lead to NTLM cred leaks, leading to EOP.

Impact

Privilege escalation

Recommendation

Update vendor's patch.

IPS Category

Exploits

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2023-32046

CVE-2023-36025

CVE-2024-21412

CVE-2024-43451

T1078

T1021.002

T1550.002

T1649

Keywords

Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019

Date Created

2023/07/12

Last Updated

2024/11/13

This website uses cookies to ensure you get the best experience on our website.

Learn more