Let’s get more details on the following PowerShell is affected by 2 Critical Vulnerabilities published in 2023 November. As per Microsoft’s latest CVE revision, the PowerShell 7.2, 7.3, and 7.4 versions are also affected by the Visual Studio Remote Code Execution Vulnerabilities.
Microsoft published 2 PowerShell related vulnerabilities in the month of November 2023. There was 3 Zero Day Vulnerabilities released as part of Nov patch Tuesday. CVE-2023-36013 and CVE-2023-36049 are the two vulnerabilities published by Microsoft.
Apart from these 2 updated CVEs, there are 59 other vulnerabilities. Also, Microsoft released Windows 11 KB5030217 KB5030219 and Windows 10 KB5030211 latest cumulative updates (LCU) of September 2023. It’s highly recommended to update the PowerShell as discussed in the below.
On September 20, 2023, Microsoft added additional details to 5 CVEs published on 12th September. These 5 CVEs are CVE-2023-36792, CVE-2023-36793, CVE-2023-36794, CVE-2023-36796, and CVE-2023-36799. You can get more details on impacts related to Windows and Linux operating systems.
As per Microsoft, the revised Security Updates table includes PowerShell 7.2 and PowerShell 7.3 because these versions of PowerShell 7 are affected by this vulnerability. These are critical and important vulnerabilities, as per Microsoft.
PowerShell Information Disclosure Vulnerability – CVE-2023-36013
PowerShell Information Disclosure Vulnerability – CVE-2023-36013 published with CVSS:3.1 6.5 / 5.7. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, nonces, and other sensitive information.
| Product | Fix Download |
|---|---|
| PowerShell 7.4 | https://github.com/PowerShell/Announcements/issues/55 |
| PowerShell 7.3 | https://github.com/PowerShell/Announcements/issues/55 |
| PowerShell 7.2 | https://github.com/PowerShell/Announcements/issues/55 |
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability – CVE-2023-36049
To exploit this vulnerability an attacker would have to inject arbitrary commands to the FTP server. The type of information that could be disclosed if an attacker successfully exploited this vulnerability would be access controls on the server, allowing for read or write abilities.
Revised the Security Updates table for CVE-2023-36049 includes PowerShell 7.2, PowerShell 7.3, and PowerShell 7.4 because these versions of PowerShell 7 are affected by this vulnerability.
- https://github.com/PowerShell/Announcements/issues/54 for more information.
PowerShell 7 is affected by 5 Critical Vulnerabilities
The 5 September 2023 vulnerabilities impacting PowerShell 7.x versions are CVE-2023-36792, CVE-2023-36793, CVE-2023-36794, CVE-2023-36796, and CVE-2023-36799. Check out the table below to understand whether the impact is only for Windows devices, Linux, and macOS devices.
CVE-2023-36799 (only for Linux): A vulnerability exists in .NET where reading a maliciously crafted X.509 certificate may result in Denial of Service. This issue only affects Linux systems.
- .NET released multiple security updates for issues involving Microsoft.DiaSymReader.Native.*.dll.
- PowerShell 7 removed these binaries from the initial release of 7.3 and 7.2.12.
- The currently supported versions of PowerShell 7 are not affected.
| Impacted Operating System | Not Impacted OS | Impacted PowerShell Version | Fixed in | CVEs |
|---|---|---|---|---|
| Windows | macOS and Linux | 7.2 | 7.2.12 | CVE-2023-36796, CVE-2023-36793, CVE-2023-36794, CVE-2023-36792 |
| Linux | macOS and Windows | 7.2 | 7.2.14 | CVE-2023-36799 |
| Linux | macOS and Windows | 7.3 | 7.3.7 | CVE-2023-36799 |
FIX: Update PowerShell Versions to 7.2.12 and 7.3.7
To fix these .Net related vulnerabilities impacting PowerShell versions running on Windows and Linux operating systems, you need to update the PowerShell versions to 7.2.12 and 7.3.7, respectively.
On the Windows operating system, the Microsoft Update feature of PowerShell allows you to get the latest PowerShell 7 updates in your traditional Microsoft Update (MU) management flow. You can use Windows Update for Business (WUfB), WSUS, SCCM, or the interactive MU dialogue in Settings.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.