Microsoft Windows L2TP Remote Code Execution Vulnerability
CVE-2023-21679 Published on January 10, 2023

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

Vendor Advisory NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2023-21679 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2023-21679

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Windows Server 2008

Microsoft Windows 7

Microsoft Windows Server 2012

Microsoft Windows Server 2016

Microsoft Windows Rt 8 1

Microsoft Windows 8.1

Microsoft Windows Server 2019

Microsoft Windows Server 2022

Microsoft Windows 10

Microsoft Windows 11

Microsoft Windows

Affected Versions

Microsoft Windows 10 Version 1809:

Version 10.0.17763.0 and below 10.0.17763.3887 is affected.

Microsoft Windows 10 Version 1809:

Version 10.0.0 and below 10.0.17763.3887 is affected.

Microsoft Windows Server 2019:

Version 10.0.17763.0 and below 10.0.17763.3887 is affected.

Microsoft Windows Server 2019 (Server Core installation):

Version 10.0.17763.0 and below 10.0.17763.3887 is affected.

Microsoft Windows Server 2022:

Version 10.0.20348.0 and below 10.0.20348.1487 is affected.

Microsoft Windows 10 Version 20H2:

Version 10.0.0 and below 10.0.19042.2486 is affected.

Microsoft Windows 11 version 21H2:

Version 10.0.0 and below 10.0.22000.1455 is affected.

Microsoft Windows 10 Version 21H2:

Version 10.0.19043.0 and below 10.0.19044.2486 is affected.

Microsoft Windows 11 version 22H2:

Version 10.0.22621.0 and below 10.0.22621.1105 is affected.

Microsoft Windows 10 Version 22H2:

Version 10.0.19045.0 and below 10.0.19045.2486 is affected.

Microsoft Windows 10 Version 1507:

Version 10.0.10240.0 and below 10.0.10240.19685 is affected.

Microsoft Windows 10 Version 1607:

Version 10.0.14393.0 and below 10.0.14393.5648 is affected.

Microsoft Windows Server 2016:

Version 10.0.14393.0 and below 10.0.14393.5648 is affected.

Microsoft Windows Server 2016 (Server Core installation):

Version 10.0.14393.0 and below 10.0.14393.5648 is affected.

Microsoft Windows 7:

Version 6.1.0 and below 6.1.7601.26321 is affected.

Microsoft Windows 7 Service Pack 1:

Version 6.1.0 and below 6.1.7601.26321 is affected.

Microsoft Windows 8.1:

Version 6.3.0 and below 6.3.9600.20778 is affected.

Microsoft Windows Server 2008 Service Pack 2:

Version 6.0.6003.0 and below 6.0.6003.21872 is affected.

Microsoft Windows Server 2008 Service Pack 2 (Server Core installation):

Version 6.0.6003.0 and below 6.0.6003.21872 is affected.

Microsoft Windows Server 2008 Service Pack 2:

Version 6.0.6003.0 and below 6.0.6003.21872 is affected.

Microsoft Windows Server 2008 R2 Service Pack 1:

Version 6.1.7601.0 and below 6.1.7601.26321 is affected.

Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation):

Version 6.1.7601.0 and below 6.1.7601.26321 is affected.

Microsoft Windows Server 2012:

Version 6.2.9200.0 and below 6.2.9200.24075 is affected.

Microsoft Windows Server 2012 (Server Core installation):

Version 6.2.9200.0 and below 6.2.9200.24075 is affected.

Microsoft Windows Server 2012 R2:

Version 6.3.9600.0 and below 6.3.9600.20778 is affected.

Microsoft Windows Server 2012 R2 (Server Core installation):

Version 6.3.9600.0 and below 6.3.9600.20778 is affected.

Exploit Probability

EPSS

0.60%

Percentile

68.92%