What is CVE-2023-36873?

A high-severity spoofing vulnerability exists in Microsoft .NET Framework. This vulnerability can lead to significant risks, including unauthorized access to sensitive data. Organizations should prioritize patching to mitigate potential threats.

What is the severity of CVE-2023-36873?

CVE-2023-36873 has a severity rating of HIGH with a CVSS base score of 7.4.

CVE-2023-36873 | High Vulnerability in Microsoft .NET Framework

CVE-2023-36873 is classified as a high-severity spoofing vulnerability in Microsoft .NET Framework. The vulnerability was published on August 8, 2023, and has a CVSS score of 7.4, indicating that it poses a significant risk to organizations. The nature of this vulnerability allows attackers to potentially manipulate data and cause unauthorized access, leading to severe consequences for affected systems. Organizations should prioritize patching immediately.

The vulnerability is characterized by its high attack complexity and the requirement for no user interaction, making it particularly concerning. The attack vector is classified as network-based, which means it could be exploited remotely. Given these factors, the urgency for defenders to address this vulnerability is high.

Organizations utilizing affected versions of the .NET Framework are at risk, and they must assess their exposure to this vulnerability to ensure adequate defenses are in place.

In summary, CVE-2023-36873 represents a critical security concern that necessitates immediate attention from IT and security teams to safeguard sensitive data and maintain system integrity.

Vulnerability Details

The official description of this vulnerability states that it is a spoofing vulnerability in the .NET Framework. It has a primary CVSS score of 5.9 from NVD, indicating a medium severity level, but the higher score of 7.4 from Microsoft indicates the risk is perceived as high in their context. The attack vector is network-based, with a high attack complexity and no privileges required for exploitation. The vulnerability impacts confidentiality and integrity, with a significant severity rating.

Technical Analysis

The root cause of CVE-2023-36873 lies in improper handling of input, which allows for spoofing attacks. The attack vector is primarily network-based, and exploitation does not require user interaction, making it particularly dangerous. The complexity of the attack is high, requiring certain conditions to be met for successful exploitation, which may limit the number of potential attackers but does not diminish the threat it poses.

The vulnerability affects the confidentiality and integrity of the system but does not impact availability. Organizations should assess their risk based on the potential for data manipulation and unauthorized access.

Risk & Impact Analysis

Risk to organizations includes data manipulation and unauthorized access, which could lead to significant breaches and loss of sensitive information. The blast radius potential is considerable, especially for organizations relying heavily on the .NET Framework for their operations. Given the high severity rating, organizations should address this vulnerability in their priority patch cycle.

Based on the CVSS score and exploitability factors, this vulnerability should be treated with high urgency in organizational remediation strategies.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of the .NET Framework include 4.6.2, 3.5, 4.8.1, 4.7, 4.7.1, 4.7.2, and 4.8. Organizations should ensure they are using the latest versions or apply the necessary patches as soon as they are available.

Mitigation & Remediation

Organizations should prioritize applying the patch provided by Microsoft to remediate this vulnerability. Further details can be found in the vendor advisory. For those unable to apply the patch immediately, consider implementing additional network security measures and monitoring to mitigate potential risks.

Detection Guidance

To assist in detecting exploitation attempts, organizations should monitor logs for unusual authentication patterns and access attempts to sensitive resources. Behavioral anomalies and system changes should be reported and investigated promptly.

AppSecure Threat Intelligence Insight

CVE-2023-36873 highlights the ongoing challenges organizations face in securing their applications against spoofing vulnerabilities. As attackers become more sophisticated, the importance of maintaining an updated vulnerability management program cannot be overstated. Organizations should focus on continuous monitoring and assessment of their security posture.

Implementing regular penetration testing can help identify weaknesses in applications before they can be exploited. For organizations looking to enhance their security measures, consider engaging in penetration testing to validate the effectiveness of their defenses.

By staying informed about emerging threats and vulnerabilities, organizations can better protect their assets and maintain the integrity of their systems.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-36873: High Vulnerability in Microsoft .NET Framework