Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-20700

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022
Vendor: CVE Published:; 9 January 2024

Badges

📰 News Worthy

Summary

A remote code execution vulnerability exists in Windows Hyper-V, enabling unauthorized attackers to execute arbitrary code on vulnerable instances. This vulnerability can be exploited by sending specially crafted requests to the affected product, leading to potential breaches in system security and integrity. Organizations using Windows Hyper-V should assess their vulnerability status and apply available security patches to mitigate risks.

Affected Version(s)

Windows 10 Version 1809 x64-based Systems 10.0.17763.0 < 10.0.17763.5329

Windows 10 Version 21H2 x64-based Systems 10.0.19043.0 < 10.0.19044.3930

Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.3930

News Articles

Runecast

CVE-2024-20674 CVE-2024-20700

Runecast guidance on Microsoft’s Jan 2024 Patch Tuesday

Microsoft fixed 48 security flaws in its January 2024 Patch Tuesday, including one critical remote code execution vulnerability.

1 year ago

Help Net Security

CVE-2023-7028 CVE-2024-20674

Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world

1 year ago