Protect Yourself from Microsoft PEAP Denial of Service Attacks

CVE: CVE-2023-21701
CVSS v3.1: 7.5
Source: CVE-2023-21701

Microsoft’s Protected Extensible Authentication Protocol (PEAP) is a protocol used to carry out network authentication securely. However, researchers recently discovered a vulnerability that can be exploited to cause a denial-of-service (DoS) condition on devices using PEAP.

The vulnerability, tracked as CVE-2023-21701, exists due to a lack of proper validation of PEAP packets. A remote attacker can craft and send malicious packets that contain overly long values. This can consume the device’s resources and cause it to stop responding, preventing legitimate users from accessing network services.
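The kind of validation the paragraph above says was missing can be sketched as a receiver-side check. This is an added example, not Microsoft's code and not a reconstruction of the actual flaw. It assumes the standard EAP header from RFC 3748 and the EAP-TLS style flags byte that PEAP reuses. The 64 KiB cap and the names `validate_peap_frame`, `build_frame` and `PeapFrameError` are hypothetical.

```python
import struct

EAP_REQUEST, EAP_RESPONSE = 1, 2
EAP_TYPE_PEAP = 25            # EAP method type number assigned to PEAP
FLAG_LENGTH_INCLUDED = 0x80   # "L" bit: a 4-byte TLS Message Length follows
MAX_TLS_MESSAGE = 64 * 1024   # assumed policy cap, not a value from the advisory


class PeapFrameError(ValueError):
    """Raised when a frame fails validation and must be dropped."""


def validate_peap_frame(data: bytes, max_tls_message: int = MAX_TLS_MESSAGE) -> dict:
    """Check every length field before any buffer is sized from it."""
    if len(data) < 6:  # code, identifier, length(2), type, flags
        raise PeapFrameError("truncated EAP header")
    code, identifier, length = struct.unpack("!BBH", data[:4])
    if code not in (EAP_REQUEST, EAP_RESPONSE):
        raise PeapFrameError("EAP code carries no method data")
    if length < 6 or length > len(data):
        raise PeapFrameError("EAP Length disagrees with bytes received")
    data = data[:length]  # octets past Length are padding (RFC 3748)
    if data[4] != EAP_TYPE_PEAP:
        raise PeapFrameError("not a PEAP frame")
    flags, offset, declared = data[5], 6, None
    if flags & FLAG_LENGTH_INCLUDED:
        if length < 10:
            raise PeapFrameError("L flag set but length field missing")
        (declared,) = struct.unpack("!I", data[6:10])
        if declared > max_tls_message:
            raise PeapFrameError("declared TLS message exceeds cap")
        offset = 10
    fragment = data[offset:]
    if declared is not None and len(fragment) > declared:
        raise PeapFrameError("fragment longer than declared TLS message")
    return {"identifier": identifier, "declared": declared, "fragment": fragment}


def build_frame(tls_len: int, fragment: bytes, eap_len=None) -> bytes:
    """Constructed sample input: an EAP-Response/PEAP frame with the L flag."""
    body = bytes([EAP_TYPE_PEAP, FLAG_LENGTH_INCLUDED]) + struct.pack("!I", tls_len) + fragment
    total = 4 + len(body) if eap_len is None else eap_len
    return struct.pack("!BBH", EAP_RESPONSE, 7, total) + body


if __name__ == "__main__":
    print(validate_peap_frame(build_frame(5, b"hello")))
```

The point of the ordering is that no allocation or reassembly state is created until the declared lengths have been compared against both the bytes actually received and a fixed upper bound.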

Devices running any version of Microsoft Windows prior to Windows 11 20H2 are affected by this issue. Servers relying on PEAP authentication are also at risk of being targeted.

If you use a Windows computer or server, you should install the latest security updates from Microsoft to patch this vulnerability. Keeping your system updated with the latest patches is one of the best ways to bolster your defenses against cyber threats. You can also consider alternative authentication protocols that are less susceptible to DoS attacks if PEAP removal is not feasible.

Staying on top of security advisories and patching known issues helps reduce the risk of your devices being impacted by exploits like this one. Take action now to protect your systems and network access from potential PEAP denial of service attacks.
