Remote Code Execution Vulnerability Affects Microsoft MSMQ
Key Information
- Vendor
- Microsoft
- Status
- Windows 10 Version 1809
- Windows Server 2019
- Windows Server 2019 (server Core Installation)
- Windows Server 2022
- Vendor
- CVE Published:
- 11 June 2024
Badges
Summary
The CVE-2024-30080 vulnerability affects Microsoft Message Queuing (MSMQ) and is a critical remote code execution (RCE) flaw. It requires the service named Message Queuing to be enabled and TCP port 1801 to be listening on the machine for an attacker to exploit it. The exploitation of this vulnerability poses a significant risk, as it can allow unauthorized access and control over affected systems, potentially leading to data breaches, system compromise, and further spread of malware. This highlights the urgency of addressing and patching this vulnerability to mitigate the risk.
Affected Version(s)
Windows 10 Version 1809 < 10.0.17763.5936
Windows Server 2019 < 10.0.17763.5936
Windows Server 2019 (Server Core installation) < 10.0.17763.5936
News Articles
The Stack CVE-2024-30080Microsoft updates mitigation for “wormable” CVE-2024-30080
Microsoft has updated its mitigation guidance for CVE-2024-30080 – a critical remote code execution (RCE) server side vulnerability in MSMQ that...
3 months ago
Spiceworks CVE-2023-50868CVE-2024-30080June 2024 Patch Tuesday - Spiceworks
Only one of the 51 patches released by Microsoft on June Patch Tuesday for a publicly known zero-day exploit.
3 months ago
GBHackers on Security CVE-2024-30080CVE-2024-30078Microsoft Urges Windows Admins to Patch Microsoft Message Queuing RCE Flaw
Microsoft has disclosed two Critical remote code execution vulnerabilities that existed in MSMQ (Microsoft Message Queuing) and Windows
3 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
Vulnerability started trending.
First article discovered by Help Net Security
Vulnerability published.
Vulnerability Reserved.