Kerberos Security Feature Bypass Vulnerability Affects Windows Users

CVE-2024-20674
8.8HIGH

Key Information

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
9 January 2024

Badges

đź‘ľ Exploit Existsđź“° News Worthy

Summary

Windows Kerberos Security Feature Bypass Vulnerability

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.5329

Windows Server 2019 < 10.0.17763.5329

Windows Server 2019 (Server Core installation) < 10.0.17763.5329

News Articles

favicon imageHelp Net Security

Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world

8 months ago

favicon imageBornCity

Microsoft Security Update Summary (January 9, 2024)

[German]On January 9, 2024, Microsoft released security updates for Windows clients and servers, for Office and for other products. The security updates eliminate 48 vulnerabilities (CVEs), two of which are critical vulnerabilities. Below is a compact overview of these updates that were released on ...

8 months ago

favicon imageMalwarebytes

Patch now! First patch Tuesday of 2024 is here | Malwarebytes

Microsoft's patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files.

8 months ago

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • đź‘ľ

    Exploit exists.

  • Risk change from: 9 to: 8.8 - (HIGH)

  • Risk change from: 8.8 to: 9 - (CRITICAL)

  • First article discovered by SC Magazine

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed4 News Article(s)
.