Kerberos Security Feature Bypass Vulnerability Affects Windows Users

CVE-2024-20674
8.8HIGH

Key Information

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
9 January 2024

Badges

đź‘ľ Exploit Existsđź“° News Worthy

Summary

Windows Kerberos Security Feature Bypass Vulnerability

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.5329

Windows Server 2019 < 10.0.17763.5329

Windows Server 2019 (Server Core installation) < 10.0.17763.5329

News Articles

favicon imageRunecast

Runecast guidance on Microsoft’s Jan 2024 Patch Tuesday

Microsoft fixed 48 security flaws in its January 2024 Patch Tuesday, including one critical remote code execution vulnerability.

10 months ago

favicon imageHelp Net Security

Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world

10 months ago

favicon imageBornCity

Microsoft Security Update Summary (January 9, 2024)

[German]On January 9, 2024, Microsoft released security updates for Windows clients and servers, for Office and for other products. The security updates eliminate 48 vulnerabilities (CVEs), two of which are critical vulnerabilities. Below is a compact overview of these updates that were released on ...

10 months ago

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • đź‘ľ

    Exploit exists.

  • Risk change from: 9 to: 8.8 - (HIGH)

  • Risk change from: 8.8 to: 9 - (CRITICAL)

  • First article discovered by Tenable

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed6 News Article(s)
.