Microsoft Released Out-of-Band Security Updates (CVE-2023-32027, CVE-2023-32025, CVE-2023-32026, CVE-2023-29356, CVE-2023-32028, and CVE-2023-29349)

Microsoft has released an out-of-band update to address six security vulnerabilities in the Microsoft OLE DB (Object Linking and Embedding, Database) driver and the Microsoft Open Database Connectivity (ODBC) driver for SQL Server.

CVE-2023-32028: Microsoft OLE DB Remote Code Execution Vulnerability

The OLE DB Driver for SQL Server is a data access application programming interface (API) that delivers the SQL OLE DB driver in one dynamic-link library (DLL). It supports the new functionality that the Windows Data Access Components (DAC) provide. The driver can be used to create new applications or enhance existing ones to use the new features introduced in SQL Server 2005 (9.x).

An attacker may exploit this vulnerability by persuading an authenticated user to connect to a malicious SQL server via OLEDB. Successful exploitation of this vulnerability may lead to the server receiving a malicious networking packet, allowing the attacker to perform remote code execution on the client.

CVE-2023-32027, CVE-2023-32026, and CVE-2023-32025: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

The Microsoft ODBC Drivers for SQL Server are ODBC drivers that offer an application programming interface (API) implementing the standard ODBC interfaces to Microsoft SQL Server. They can be used to create new applications and to update existing ones that currently use an older ODBC driver.

To exploit this vulnerability, an attacker must use social engineering to convince a user to download and open a specially crafted file from a website. The malicious link leads to a local attack on the user's computer and allows the attacker to perform remote code execution.

CVE-2023-29356: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

To exploit this vulnerability, an attacker must persuade an authenticated user to connect to a malicious SQL server via a connection driver such as ODBC and/or OLEDB, as applicable.

CVE-2023-29349: Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

To exploit this vulnerability, an attacker must persuade an authenticated user to connect to a malicious SQL server via a connection driver such as ODBC and/or OLEDB, as applicable.

Qualys Detection

Qualys customers can scan their devices with QID 378590 and 378595 to detect vulnerable assets.
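
A host-side complement to the scanner check above, as an added example that is not Qualys or Microsoft code: it lists the SQL Server ODBC and OLE DB driver DLLs present on a Windows host with their file versions. The `$MinimumFixed` parameter is a placeholder to be filled in from Microsoft's advisories, since this page gives no fixed version numbers, and the OLE DB DLL names are assumptions.

```powershell
# Added example (not Qualys or Microsoft code). Assumes 64-bit PowerShell on 64-bit Windows.
param(
    # Placeholder: component name -> first fixed version, copied from Microsoft's
    # advisories. This page lists no version numbers, so the default is empty.
    [hashtable]$MinimumFixed = @{}
)

function Get-DllVersion([string]$Path, [string]$Bitness) {
    if (-not $Path) { return $null }
    $p = [Environment]::ExpandEnvironmentVariables($Path)
    # A 32-bit registration may name System32; from a 64-bit process that file is in SysWOW64.
    if ($Bitness -eq '32-bit') { $p = $p -replace '\\system32\\', '\SysWOW64\' }
    if (-not (Test-Path -LiteralPath $p)) { return $null }
    $v = (Get-Item -LiteralPath $p).VersionInfo
    [version]::new($v.FileMajorPart, $v.FileMinorPart, $v.FileBuildPart, $v.FilePrivatePart)
}

# ODBC drivers register under ODBCINST.INI; WOW6432Node holds the 32-bit view.
$views = [ordered]@{
    '64-bit' = 'HKLM:\SOFTWARE\ODBC\ODBCINST.INI'
    '32-bit' = 'HKLM:\SOFTWARE\WOW6432Node\ODBC\ODBCINST.INI'
}
$odbc = foreach ($view in $views.GetEnumerator()) {
    Get-ChildItem -Path $view.Value -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -like 'ODBC Driver * for SQL Server' } |
        ForEach-Object {
            $dll = $_.GetValue('Driver')
            [pscustomobject]@{ Component = $_.PSChildName; Bitness = $view.Key; Path = $dll
                               Version = (Get-DllVersion $dll $view.Key) }
        }
}

# OLE DB driver: the DLL names below are assumptions (18.x and 19.x driver families).
$oledb = foreach ($name in 'msoledbsql.dll', 'msoledbsql19.dll') {
    foreach ($dir in 'System32', 'SysWOW64') {
        $path = Join-Path $env:SystemRoot "$dir\$name"
        $bits = if ($dir -eq 'SysWOW64') { '32-bit' } else { '64-bit' }
        if (Test-Path -LiteralPath $path) {
            [pscustomobject]@{ Component = $name; Bitness = $bits; Path = $path
                               Version = (Get-DllVersion $path $bits) }
        }
    }
}

# Compare each component found against the operator-supplied threshold, if any.
@($odbc) + @($oledb) | Where-Object { $_ } | ForEach-Object {
    $min = $MinimumFixed[$_.Component]
    $status = if (-not $_.Version) { 'version unreadable' } elseif (-not $min) { 'no threshold supplied' }
    elseif ($_.Version -lt [version]$min) { 'BELOW FIXED VERSION' } else { 'at or above fixed version' }
    $_ | Add-Member -NotePropertyName Status -NotePropertyValue $status -PassThru
} | Format-Table Component, Bitness, Version, Status, Path -AutoSize
```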

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

