What is CVE-2023-36910?

CVE-2023-36910 is a critical remote code execution vulnerability in Microsoft Message Queuing (MSMQ) affecting various Microsoft Windows and Windows Server versions. It has a severity score of 9.8, posing a significant risk to systems running Windows 10, Windows 11, and multiple Windows Server versions.

Who is impacted by CVE-2023-36910?

The CVE-2023-36910 vulnerability affects users of Microsoft Windows operating systems and Windows Server operating systems using Microsoft Message Queuing (MSMQ). Affected versions include Windows 10, Windows 11, and Windows Server versions 2008, 2012, 2016, 2019, and 2022.

What to do if CVE-2023-36910 affected you

If you're affected by the CVE-2023-36910 vulnerability, it's crucial to take action to protect your system. Follow these simple steps:

1. Disable the Windows message queuing service if not needed.

2. Check for a running "Message Queuing" service and if TCP port 1801 is listening on your machine.

3. Apply the security updates provided by Microsoft for the affected software versions.

4. Monitor the Microsoft Security Response Center for updates or additional information related to this vulnerability.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-36910 vulnerability, known as Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was added to the National Vulnerability Database on August 8, 2023. To protect your system, apply the security updates provided by Microsoft.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-190, which is an Integer Overflow or Wraparound issue affecting Microsoft Message Queuing (MSMQ).

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.

• Microsoft Security Update Guide

• CVE Record