Windows Hyper-V Remote Code Execution Vulnerability

CVE-2024-21407

8.1HIGH

Key Information

Vendor: Microsoft
Status: Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022
Vendor: CVE Published:; 12 March 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

Windows Hyper-V Remote Code Execution Vulnerability

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.5576

Windows Server 2019 < 10.0.17763.5576

Windows Server 2019 (Server Core installation) < 10.0.17763.5576

News Articles

CrowdStrike

CVE-2024-21407CVE-2024-21408

March 2024 Patch Tuesday: Updates and Analysis

Microsoft has released security updates for 60 vulnerabilities, including two critical bugs and 18 RCE vulnerabilities, for its March 2024 Patch Tuesday rollout.

6 months ago

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Jun 12, 2024
First article discovered by CrowdStrike
Mar 12, 2024
Vulnerability published.
Mar 12, 2024
Vulnerability Reserved.
Dec 8, 2023

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed0 Proof of Concept(s)1 News Article(s)