CVE-2023-36392: 
vulnerability analysis and mitigation

CVE-2023-36392 is a DHCP Server Service Denial of Service Vulnerability affecting Microsoft Windows Server systems. The vulnerability was first disclosed on November 14, 2023, and affects multiple versions of Windows Server including Server 2012, Server 2012 R2, Server 2016, Server 2019, and Server 2022 (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. This indicates that the vulnerability can be exploited remotely with low attack complexity, requires no privileges or user interaction, and can result in high availability impact. Microsoft has classified this as a buffer over-read vulnerability (CWE-126) (NVD).

The vulnerability primarily affects the availability of DHCP Server services. If successfully exploited, it could allow an attacker to cause a denial of service condition, potentially disrupting DHCP services on affected Windows Server systems (Rapid7).

Microsoft has released security updates to address this vulnerability. Affected users should apply the appropriate patches (KB5032247 for Windows Server 2012, KB5032249 for Server 2012 R2, KB5032197 for Server 2016, KB5032196 for Server 2019, and KB5032198/KB5032202 for Server 2022) (Rapid7).