CVE-2023-50387: MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers

Overview

Severity

N/A

Category

Denial of Service

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2024-Feb

Released

2024-02-13

EPSS Score

51.99% (percentile: 97.9%)

Detection & Weaponization (1 sources)

Maturity: Exploit

• GitHub PoC: 3 repositories

Affected Products (13)

Windows

• Windows Server 2019
• Windows Server 2019 (Server Core installation)
• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows Server 2022, 23H2 Edition (Server Core installation)
• Windows Server 2016
• Windows Server 2016 (Server Core installation)

ESU

• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
• Windows Server 2012
• Windows Server 2012 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 R2 (Server Core installation)

Security Updates (8)

• 5034768
• 5034770
• 5034769
• 5034767
• 5034831
• 5034809
• 5034830
• 5034819

Acknowledgments

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner from the German National Research Center for Applied Cybersecurity ATHENE

Revision History

• 2024-02-13: Information published.