Vulnerability

CERT-In Vulnerability Note CIVN-2023-0018
Remote Code Execution vulnerabilities in Windows Layer 2 Tunneling Protocol (L2TP)

Original Issue Date:January 13, 2023

Severity Rating: HIGH

Software Affected

Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems

Overview

Multiple vulnerabilities have been reported in Windows Layer 2 Tunneling Protocol (L2TP), which could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system.

Description

These vulnerabilities exist in Microsoft Windows due to a flaw in the Layer 2 Tunneling Protocol (L2TP). An unauthenticated remote attacker could exploit this vulnerability by sending a specially crafted connection request to a RAS server.

Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system.

Solution

Apply appropriate security updates as mentioned in the below link:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21543

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21546

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21555

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21679

Vendor Information

Microsoft
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21543
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21546
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21555
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21679

References

CVE Name
CVE-2023-21543
CVE-2023-21546
CVE-2023-21555
CVE-2023-21556
CVE-2023-21679

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Email: info@cert-in.org.in
Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India