Windows libarchive Remote Code Execution Vulnerability
CVE-2024-20697
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 9 January 2024
Badges
What is CVE-2024-20697?
CVE-2024-20697 is a critical vulnerability in Microsoft Windows that allows for remote code execution due to an integer overflow vulnerability in the Libarchive library. The vulnerability arises from insufficient bounds checks on the block length of a RARVM filter used for Intel E8 preprocessing in a RAR archive. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Microsoft has released a patch to address this vulnerability, and organizations are advised to apply the patch and implement detection measures to protect against potential exploitation. No known ransomware groups have exploited this vulnerability in the wild.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Windows 11 version 22H2 ARM64-based Systems 10.0.22621.0 < 10.0.22621.3007
Windows 11 version 22H3 ARM64-based Systems 10.0.22631.0 < 10.0.22631.3007
Windows 11 Version 23H2 x64-based Systems 10.0.22631.0 < 10.0.22631.3007
News Articles
Zero Day InitiativeCVE-2024-20697Zero Day Initiative β CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Jason McFadyen of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in Microsoft Windows. This bug was originally discovered by the Microsoft Offensive Re
References
EPSS Score
49% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- πΎ
Exploit known to exist
- π°
First article discovered by Zero Day Initiative
Vulnerability published
Vulnerability Reserved