CVE-2023-36028: 
vulnerability analysis and mitigation

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability (CVE-2023-36028) was disclosed on November 14, 2023. This critical vulnerability affects various versions of Windows Server and Windows operating systems, including Windows Server 2008 through 2022 and Windows 10 through Windows 11 (Arctic Wolf).

The vulnerability has been assigned a CVSS score of 9.8 (Critical), with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. An unauthenticated threat actor could obtain remote code execution by sending specially crafted malicious Protected Extensible Authentication Protocol (PEAP) packets over the network. The vulnerability is only exploitable if PEAP is configured as an allowed EAP type in an organization's network policy (Arctic Wolf).

If successfully exploited, this vulnerability allows an unauthenticated attacker to achieve remote code execution on the affected system. The high CVSS score of 9.8 indicates potential complete compromise of system confidentiality, integrity, and availability (NVD).

Organizations can mitigate this vulnerability by either applying the available security updates or adjusting their network policy to stop using PEAP. Microsoft recommends reviewing the Configure the New Wireless Network Policy and Configure Network Policies documentation for proper configuration. If using PEAP is necessary, applying the security updates (KB5032189-KB5032202) is crucial (Arctic Wolf).