CVE-2023-21554

Vulnerability updated 7 months ago (2024-11-29T14:27:45.337Z)
Download STIX
Preview STIX
CVE-2023-21554, also known as QueueJumper, is a critical vulnerability that affects Microsoft Message Queuing (MSMQ). This flaw in software design or implementation could allow unauthenticated attackers to remotely execute arbitrary code within the context of the Windows service process mqsvc.exe. As a Remote Code Execution (RCE) vulnerability, it poses a significant risk, given its potential to provide unauthorized access and control over affected systems. This vulnerability was identified and dubbed QueueJumper by Check Point Research (CPR). The severity of this vulnerability lies in its capacity to enable remote attackers to manipulate system processes without requiring authentication, thereby potentially compromising the integrity, confidentiality, and availability of the targeted system. The details about this vulnerability are available on the Microsoft Security Response Center's website. In response to this threat, Check Point Intrusion Prevention System (IPS) has developed and deployed a signature named "Microsoft Message Queuing Remote Code Execution (CVE-2023-21554)." This measure aims to detect and protect Check Point customers against the QueueJumper vulnerability. Consequently, users of Check Point IPS can be assured of protection against this specific threat, reinforcing their security posture against potential cyber attacks.
Description last updated: 2024-05-04T16:19:44.515Z
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Queuejumper is a possible alias for CVE-2023-21554. QueueJumper, designated as CVE-2023-21554, is a critical vulnerability discovered in the Microsoft Message Queuing (MSMQ) service. It is a remote code execution flaw that could allow unauthenticated attackers to remotely execute arbitrary code within the Windows service process mqsvc.exe. This vulne
3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Microsoft
Vulnerability
Remote Code ...
Windows
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the CVE-2023-21554 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CISA
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
Fortinet
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
SANS ISC
2 years ago
Naked Security
2 years ago
BankInfoSecurity
2 years ago
InfoSecurity-magazine
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
Checkpoint
2 years ago