CVE-2023-35622: Spoofing in Microsoft Windows Server 2019

Severity: High
Published: Tue Dec 12 2023 (12/12/2023, 18:10:57 UTC)
Source: CVE
Vendor/Project: Microsoft
Product: Windows Server 2019

Description

Windows DNS Spoofing Vulnerability

AI-Powered Analysis

Last updated: 07/08/2025, 06:56:14 UTC

Technical Analysis

CVE-2023-35622 is a high-severity spoofing vulnerability affecting Microsoft Windows Server 2019, specifically version 10.0.17763.0. The vulnerability is in the Windows DNS service, where an attacker can spoof DNS responses to the server. This flaw allows an unauthenticated remote attacker to send maliciously crafted DNS responses that the server may accept as legitimate, potentially compromising the integrity of DNS data. The vulnerability is classified under CWE-290, which involves improper authentication, indicating that the DNS service does not adequately verify the authenticity of DNS responses. The CVSS 3.1 base score of 7.5 reflects a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact is limited to integrity (I:H) without affecting confidentiality or availability. No known exploits are currently reported in the wild, and no patches have been linked yet, though the CVE was reserved in mid-2023 and has since been officially published. This flaw could allow attackers to redirect DNS queries, potentially leading to man-in-the-middle attacks, redirection to malicious sites, or disruption of internal network name resolution, undermining trust in network communications and services relying on DNS within Windows Server 2019 environments.

Potential Impact

For European organizations, this vulnerability poses a significant risk to the integrity of DNS resolution on Windows Server 2019 systems. Many enterprises, government agencies, and critical infrastructure providers in Europe rely on Windows Server 2019 for DNS services. Exploitation could enable attackers to redirect internal or external DNS queries to malicious endpoints, facilitating phishing, credential theft, or lateral movement within networks. Given the lack of required privileges or user interaction, attackers could remotely exploit this vulnerability over the network, increasing the attack surface. This is especially critical for sectors such as finance, healthcare, and public administration, where DNS integrity is vital for secure communications and service availability. The absence of known exploits provides a window for proactive mitigation, but the high severity score underscores the urgency for European organizations to assess and remediate affected systems promptly to prevent potential targeted attacks or supply chain compromises.

Mitigation Recommendations

European organizations should immediately inventory their Windows Server 2019 deployments to identify systems running version 10.0.17763.0. Until an official patch is released, organizations should implement network-level mitigations such as restricting DNS traffic to trusted sources and employing DNS security extensions (DNSSEC) where possible to validate DNS responses. Monitoring DNS traffic for anomalies and implementing intrusion detection systems (IDS) tuned to detect spoofing attempts can provide early warning. Additionally, applying strict firewall rules to limit exposure of DNS services to untrusted networks and segmenting critical DNS servers from general network access can reduce risk. Organizations should subscribe to Microsoft security advisories to apply patches promptly once available. Finally, educating IT staff about this vulnerability and encouraging rapid incident response readiness will help mitigate exploitation risks.
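One way to implement the DNS anomaly monitoring recommended above, as an added example that is not part of the original analysis. It is a generic heuristic, not a signature for CVE-2023-35622 (the page does not describe the flaw's mechanism): it flags responses that match no outstanding query and conflicting answers to an already-answered query. The event tuple layout, the function name and the threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events, as a sensor on the DNS server's upstream side might emit them:
# (time_s, kind, upstream_ip, local_port, txid, qname, answer)
EVENTS = [
    (0.00, "query",    "198.51.100.53", 50112, 0x1A2B, "intranet.example.test", None),
    (0.01, "response", "198.51.100.53", 50112, 0x0001, "intranet.example.test", "203.0.113.66"),
    (0.01, "response", "198.51.100.53", 50112, 0x0002, "intranet.example.test", "203.0.113.66"),
    (0.02, "response", "198.51.100.53", 50112, 0x1A2B, "intranet.example.test", "192.0.2.10"),
    (0.03, "response", "198.51.100.53", 50112, 0x1A2B, "intranet.example.test", "203.0.113.66"),
    (1.00, "query",    "198.51.100.53", 50990, 0x7788, "mail.example.test", None),
    (1.02, "response", "198.51.100.53", 50990, 0x7788, "mail.example.test", "192.0.2.25"),
]

def find_spoofing_indicators(events, guess_threshold=2):
    """Return sorted (qname, reason) pairs for responses that do not fit an outstanding query.

    guess_threshold is an assumed tuning value: how many unmatched responses
    for one name are tolerated before raising an alert.
    """
    outstanding = {}               # (upstream, port, txid, qname) -> first answer seen, or None
    mismatches = defaultdict(int)  # qname -> responses that matched no outstanding query
    alerts = set()
    for _t, kind, upstream, port, txid, qname, answer in events:
        key = (upstream, port, txid, qname)
        if kind == "query":
            outstanding[key] = None
        elif key not in outstanding:
            # Wrong transaction ID, port, server or name: nothing asked for this reply.
            mismatches[qname] += 1
            if mismatches[qname] >= guess_threshold:
                alerts.add((qname, "burst of responses matching no outstanding query"))
        elif outstanding[key] is None:
            outstanding[key] = answer  # first reply that fits the query
        elif outstanding[key] != answer:
            # A second, different answer to a query that was already answered.
            alerts.add((qname, "conflicting second answer for an already-answered query"))
    return sorted(alerts)

if __name__ == "__main__":
    for qname, reason in find_spoofing_indicators(EVENTS):
        print(f"ALERT {qname}: {reason}")
```

Duplicate replies with differing records can also occur legitimately (retransmissions against rotating record sets), so the second rule is a triage signal to correlate with the first, not proof of spoofing on its own.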

Technical Details

Data Version: 5.1
Assigner Short Name: microsoft
Date Reserved: 2023-06-15T01:03:28.506Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682f725b0acd01a2492647e1

Added to database: 5/22/2025, 6:52:11 PM

Last enriched: 7/8/2025, 6:56:14 AM

Last updated: 8/12/2025, 1:47:25 PM
