Windows P2P TNP RCE Vulnerability
CVE-2023-21712 Published on April 27, 2023

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

Vendor Advisory NVD

Weakness Type

What is a Race Condition Vulnerability?

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

CVE-2023-21712 has been classified to as a Race Condition vulnerability or weakness.

Products Associated with CVE-2023-21712

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-21712 are published in these products:

Microsoft Windows Server 2012

Microsoft Windows 8.1

Microsoft Windows Server 2016

Microsoft Windows Rt 8 1

Microsoft Windows Server 2019

Microsoft Windows Server 2022

Microsoft Windows 10 21h1

Microsoft Windows 10

Microsoft Windows 11

Microsoft Windows

Affected Versions

Microsoft Windows 10 Version 1809:

Version 10.0.17763.0 and below 10.0.17763.3650 is affected.

Microsoft Windows 10 Version 1809:

Version 10.0.0 and below 10.0.17763.3650 is affected.

Microsoft Windows Server 2019:

Version 10.0.17763.0 and below 10.0.17763.3650 is affected.

Microsoft Windows Server 2019 (Server Core installation):

Version 10.0.17763.0 and below 10.0.17763.3650 is affected.

Microsoft Windows 10 Version 21H1:

Version 10.0.0 and below 10.0.19043.2251 is affected.

Microsoft Windows Server 2022:

Version 10.0.20348.0 and below 10.0.20348.1249 is affected.

Microsoft Windows 10 Version 20H2:

Version 10.0.0 and below 10.0.19042.2251 is affected.

Microsoft Windows 11 version 21H2:

Version 10.0.0 and below 10.0.22000.1219 is affected.

Microsoft Windows 10 Version 21H2:

Version 10.0.19043.0 and below 10.0.19044.2251 is affected.

Microsoft Windows 11 version 22H2:

Version 10.0.22621.0 and below 10.0.22621.819 is affected.

Microsoft Windows 10 Version 22H2:

Version 10.0.19045.0 and below 10.0.19045.2486 is affected.

Microsoft Windows 10 Version 1507:

Version 10.0.10240.0 and below 10.0.10240.19562 is affected.

Microsoft Windows 10 Version 1607:

Version 10.0.14393.0 and below 10.0.14393.5501 is affected.

Microsoft Windows Server 2016:

Version 10.0.14393.0 and below 10.0.14393.5501 is affected.

Microsoft Windows Server 2016 (Server Core installation):

Version 10.0.14393.0 and below 10.0.14393.5501 is affected.

Microsoft Windows 8.1:

Version 6.3.0 and below 6.3.9600.20671 is affected.

Microsoft Windows Server 2012:

Version 6.2.9200.0 and below 6.2.9200.23968 is affected.

Microsoft Windows Server 2012 (Server Core installation):

Version 6.2.9200.0 and below 6.2.9200.23968 is affected.

Microsoft Windows Server 2012 R2:

Version 6.3.9600.0 and below 6.3.9600.20671 is affected.

Microsoft Windows Server 2012 R2 (Server Core installation):

Version 6.3.9600.0 and below 6.3.9600.20671 is affected.

Exploit Probability

EPSS

0.75%

Percentile

72.78%