{{item.title}}

时间：{{ noticeDetails.createdTime}}

附件：

Internet Control Message Protocol (ICMP) 远程代码执行漏洞

时间：2023-03-15 14:24:35

安全通告

电科网安预警“Internet Control Message Protocol (ICMP) 远程代码执行漏洞”，漏洞等级严重，强烈建议及时采取修复措施以避免受到损失。

漏洞名称：Internet Control Message Protocol (ICMP) 远程代码执行漏洞

漏洞编号：CVE-2023-23415

漏洞等级：严重

漏洞概要：

ICMP（Internet控制报文协议），是TCP/IP协议族的一个子协议。用于传递网络、主机、路由是否可达的控制消息。tcpip.sys是Windows操作系统中负责TCP/IP协议栈的核心驱动程序，用于支持网络连接和通信。

北京时间2023年3月15日微软发布了3月份安全更新，共计修复80个安全漏洞，影响84个产品/组件。其中Internet Control Message Protocol (ICMP) 远程代码执行漏洞值得关注。该漏洞CVSS3基础评分9.8分，当Windows系统上存在监听原始套接字的应用时，攻击者可以在未授权情况下远程发送精心构造的ICMP数据包给该应用，tcpip.sys驱动处理ICMP错误数据包时触发内存漏洞以执行代码获取系统权限，机密性、完整性、可用性完全丧失。

经跟踪研判，漏洞详情及POC未公开，暂未监测到在野利用，不排除短期出现漏洞武器化可能性。互联网上存在POC利用效果演示视频，可导致tcpip.sys驱动崩溃,造成系统蓝屏。

影响范围：

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

修复方案：

Ø 安装Windows Update 2023年3月安全更新

Ø 如果没有在线更新条件，单独下载安装对应版本补丁包

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415

附录：

Ø MSRC官方通告

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415

附件： Internet Control Message Protocol (ICMP) 远程代码执行漏洞预警-20230315.pdf

邮箱

电话

QQ

公告

{{ noticeDetails.title}}

时间：{{ noticeDetails.createdTime}}

附件：

Internet Control Message Protocol (ICMP) 远程代码执行漏洞

时间：2023-03-15 14:24:35