FAQ
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.
MSRC compact vulnerability detail
CVE-2023-41765 · Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
No description was published by MSRC.
Signals
Windows Layer 2 Tunneling Protocol
Remote Code Execution
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation Less Likely
CWE
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
No description was published by MSRC.
FAQ / Articles
FAQ
How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
Mitigation
The following mitigation might be helpful in your situation: This vulnerability is only exploitable on Windows Servers that have installed and configured the Routing and Remote Access Service (RRAS) role with L2TP support, which is not installed and configured by default. Please see Routing and Remote Access Server (RRAS) | Microsoft Learn for more information. You might also benefit by reading more about Roles here: Roles, Role Services, and Features included in Windows Server - Server Core | Microsoft Learn.