What is CVE-2023-28304?

A high-severity vulnerability affecting Microsoft ODBC and OLE DB could allow remote code execution. Organizations using affected versions must prioritize patching to mitigate potential risks.

What is the severity of CVE-2023-28304?

CVE-2023-28304 has a severity rating of HIGH with a CVSS base score of 7.8.

CVE-2023-28304 | High Vulnerability in Microsoft ODBC and OLE DB

CVE-2023-28304 is a high-severity vulnerability identified in Microsoft ODBC and OLE DB components, which allows for remote code execution. With a CVSS score of 7.8, this vulnerability poses a significant risk to organizations utilizing affected versions of these components. The vulnerability is characterized by the attack vector being local, with low complexity, and it requires user interaction, making it critical for organizations to understand the implications and take immediate action.

The potential impact of this vulnerability is severe, as it can compromise confidentiality, integrity, and availability. Attackers may leverage this vulnerability to execute arbitrary code with the same privileges as the user, leading to unauthorized access and control over affected systems. Organizations should prioritize patching immediately to mitigate the risk of exploitation.

There is currently no known public exploit for this vulnerability, but the risk remains high due to its classification and the nature of its impact. Organizations that utilize Microsoft ODBC or OLE DB components are strongly encouraged to monitor their systems and apply relevant updates.

Given the severity of CVE-2023-28304, organizations must address this vulnerability within their priority patch cycle to minimize any potential risks associated with exploitation.

Vulnerability Details

The official description of CVE-2023-28304 highlights that it is a Microsoft ODBC and OLE DB Remote Code Execution Vulnerability. This vulnerability has a CVSS version of 3.1, with a vector string indicating local attack vector, low complexity, no privileges required for exploitation, and user interaction required. The impact of this vulnerability is classified as high across confidentiality, integrity, and availability.

Affected systems include ODBC versions starting from 17.0 to below 17.10.3.1 and OLE DB versions starting from 18.0 to below 18.6.5, as well as 19.1.0 to below 19.3.0. This vulnerability was published on April 11, 2023, and has been classified under CWE-20.

Technical Analysis

The root cause of CVE-2023-28304 lies in improper validation of inputs within Microsoft ODBC and OLE DB components. Attackers may exploit this vulnerability by crafting specific inputs that the vulnerable software fails to handle correctly, leading to unintended execution of code.

This vulnerability requires a local attack vector, meaning an attacker must have access to the same system as the victim. The complexity of the attack is low, as there are minimal barriers to executing the exploit once access is gained. No additional privileges are required for an attacker to carry out an exploit, making it particularly concerning. User interaction is necessary, as the user must execute a malicious action that triggers the vulnerability.

The impact of successful exploitation can result in significant data breaches, unauthorized access to sensitive information, and disruption of service, thereby affecting the confidentiality, integrity, and availability of affected systems.

Risk & Impact Analysis

Risk to organizations includes the potential for attackers to exploit this vulnerability for remote code execution, leading to unauthorized system access and data manipulation. Given that the attack requires local access and user interaction, the blast radius could extend to systems where users inadvertently execute malicious code, impacting not only individual devices but also the broader organizational network.

The urgency of addressing CVE-2023-28304 is classified as high due to its CVSS score of 7.8. Organizations should prioritize patching immediately to mitigate potential damage and secure their environments against possible exploitation.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of Microsoft ODBC include those from version 17.0 up to but not including 17.10.3.1 and for OLE DB from version 18.0 up to but not including 18.6.5. This also affects OLE DB versions from 19.1.0 up to but not including 19.3.0. Organizations that utilize these components should verify their systems and ensure they are updated to the latest versions to mitigate this vulnerability.

Mitigation & Remediation

Organizations should apply the latest patches provided by Microsoft for the affected ODBC and OLE DB components. Specific version upgrades should be made to versions beyond the vulnerable ranges. If a patch is unavailable, organizations must implement workarounds, including disabling affected features or restricting access to the vulnerable components.

Furthermore, organizations should enhance their configuration hardening practices to limit exposure to potential threats and establish network controls that prevent unauthorized access. Continuous monitoring of systems for unusual behavior is also advised to detect any attempts to exploit this vulnerability.

Penetration testing should be considered to validate that the remediation actions taken are effective.

Detection Guidance

Organizations should look for log indicators that suggest exploitation attempts, including unusual access patterns or code execution events related to ODBC and OLE DB components. Behavioral anomalies in application performance should be monitored, along with network signatures that may indicate unauthorized access. System changes, particularly those that involve modifications to the ODBC or OLE DB configurations, should also be investigated.

AppSecure Threat Intelligence Insight

CVE-2023-28304 underlines the importance of maintaining strong security practices around database components and the software that interacts with them. The vulnerability highlights a trend in local exploitation methods that can lead to severe consequences if left unaddressed.

Organizations should take lessons from this incident to reinforce their security postures, ensuring regular updates and patches are applied, and that developers are aware of potential security flaws in their code.

Vulnerability management programs should be designed to identify and remediate such vulnerabilities proactively.

Penetration testing methodology can also assist in detecting similar vulnerabilities before they are exploited.

Security testing best practices should be implemented to bolster defenses against such risks.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-28304: High Vulnerability in Microsoft ODBC and OLE DB