What is CVE-2023-35630?

CVE-2023-35630 is a high-severity vulnerability affecting multiple Microsoft Windows versions, allowing remote code execution. Organizations should prioritize patching immediately to mitigate risks.

What is the severity of CVE-2023-35630?

CVE-2023-35630 has a severity rating of HIGH with a CVSS base score of 8.8.

CVE-2023-35630 | High Vulnerability in Microsoft Windows

CVE-2023-35630 is a high-severity vulnerability classified as an Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. With a CVSS score of 8.8, it presents a significant risk to organizations using affected Microsoft Windows versions. The vulnerability allows attackers on the adjacent network to execute arbitrary code, which can lead to complete system compromise.

Risk to organizations includes unauthorized access to sensitive data, loss of integrity, and availability of critical services. This vulnerability has been marked as high priority for remediation, and organizations should address it in their patch cycle.

Currently, there are no known public exploits or proof of concept code available for this vulnerability. However, given its severity and potential impact, organizations should prioritize patching immediately.

The vulnerability was published on December 12, 2023, and has been modified since its initial disclosure. Organizations using the affected Windows versions must remain vigilant and ensure that all security updates are applied promptly.

Vulnerability Details

The vulnerability is characterized as a Remote Code Execution vulnerability affecting Internet Connection Sharing in Microsoft Windows. The CVSS score of 8.8 categorizes it as high severity, indicating a serious risk if exploited. The affected products include various versions of Windows 10 and Windows 11, as well as Windows Server editions.

Published on December 12, 2023, the vulnerability falls under the CWE-122 classification, indicating an improper or missing bounds check. This weakness can lead to buffer overflows, allowing arbitrary code execution.

Technical Analysis

The root cause of CVE-2023-35630 is an improper handling of Internet Connection Sharing in Microsoft Windows. The attack vector is through adjacent networks, and the attack complexity is low, with no privileges required and no user interaction needed for exploitation.

The vulnerability impacts confidentiality, integrity, and availability, all rated as high. This means that successful exploitation can lead to significant data breaches and system outages.

Risk & Impact Analysis

Organizations should assess the risk associated with CVE-2023-35630, particularly those with systems exposed to adjacent networks. The blast radius could be wide, affecting multiple systems if not addressed promptly.

Given the high CVSS score and the lack of known exploits, organizations should prioritize remediation efforts. The urgency for patching is critical to prevent potential exploitation.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The following versions of Microsoft Windows are affected by CVE-2023-35630:

Windows 10 (various versions), Windows 11 (various versions), and Windows Server (2008, 2012, 2016, 2019, 2022). Organizations should ensure that all systems are updated to the latest security patches.

Mitigation & Remediation

To remediate CVE-2023-35630, organizations should apply the available patches from Microsoft. Ensure that all affected systems are updated to the latest versions to mitigate the risk of exploitation.

For those unable to apply patches immediately, consider implementing network controls to restrict access to affected systems. Additionally, monitor for any unusual behavior that may indicate exploitation attempts.

Organizations may also benefit from penetration testing services to identify potential weaknesses in their defenses.

Detection Guidance

Organizations should monitor logs for any indicators of exploitation attempts, including unusual network traffic patterns or unauthorized access attempts. Behavioral anomalies in system performance may also signal potential exploitation.

AppSecure Threat Intelligence Insight

CVE-2023-35630 highlights the importance of maintaining up-to-date systems and the need for robust security measures to protect against remote code execution vulnerabilities. Security teams should learn from this incident to strengthen their defenses against similar threats in the future.

Regular vulnerability assessments and security audits can help organizations identify potential weaknesses and reduce their attack surface.

Consider implementing a vulnerability management program to proactively address risks and enhance overall security posture.

Engaging in regular security testing will also help organizations stay ahead of emerging threats.

Following established penetration testing methodologies can assist organizations in identifying vulnerabilities before they can be exploited.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-35630: High Vulnerability in Microsoft Windows