Published threat advisories for February 14, 2023

The Windows Graphics Component has a vulnerability that allows for privilege escalation, potentially impacting system integrity and data confidentiality. Attackers with local, low-level access can exploit this by opening specially crafted documents, leading to unauthorized control of systems. Organizations should prior

NVD published: February 14, 2023 • CISA KEV

A flaw in the Windows Common Log File System Driver allows local attackers to elevate privileges, potentially impacting system integrity and data confidentiality. This presents a risk to organizations due to the possibility of unauthorized system access or disruption.

NVD published: February 14, 2023 • CISA KEV

A security feature bypass vulnerability in Microsoft Publisher may allow attackers to circumvent security measures. This could impact data confidentiality, integrity, and availability. The realistic business risk involves potential unauthorized access or system disruption, particularly if the vulnerability is actively

NVD published: February 14, 2023 • CISA KEV

Microsoft Exchange Server has a vulnerability allowing authenticated attackers to execute remote code. This could lead to unauthorized system access and data compromise, posing a business risk to affected organizations. The vulnerability is known to be exploited in ransomware campaigns.

NVD published: February 14, 2023 • CISA KEV