Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-38063
9.8CRITICAL

Key Information

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
13 August 2024

Badges

πŸ”₯ No. 1 TrendingπŸ˜„ TrendedπŸ‘Ύ Exploit ExistsπŸ”΄ Public PoCπŸ“° News Worthy

Summary

A critical remote code execution vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack by Microsoft. This vulnerability, rated with a CVSSv3 score of 9.8, can be exploited remotely by sending specially crafted IPv6 packets to the target, requiring no user interaction and classified as a "0-click" vulnerability. Successful exploitation can allow the attacker to execute arbitrary code on the target system with SYSTEM privileges, potentially leading to full control over the compromised machine. The vulnerability affects all supported versions of Windows and Windows Server, with Microsoft recommending the immediate application of security updates and the consideration of disabling IPv6 if not required. Organizations are advised to prioritize patching internet-facing systems, monitor suspicious network activity, and implement network segmentation to limit potential lateral movement in the event of a system compromise. It is crucial for organizations to address this vulnerability as a top priority, given its critical nature and potential for widespread impact.

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.6293

Windows Server 2019 < 10.0.17763.6293

Windows Server 2019 (Server Core installation) < 10.0.17763.6293

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-38063
Created by diegoalbuquerque

Windows-CVE-2024-38063
Created by PumpkinBridge

Disable-IPv6-CVE-2024-38063-Fix
Created by almogopp

News Articles

favicon imageThe Register

PoCcode released for zero-click Windows critical vuln

Windows users who haven't yet installed the latest fixes to their operating systems will need to get a move on, as code now exists to exploit a critical Microsoft vulnerability announced by Redmond two weeks...

3 weeks ago

favicon image

PoCcode released for zero-click Windows critical vuln

Windows users who haven't yet installed the latest fixes to their operating systems will need to get a move on, as code now exists to exploit a critical Microsoft vulnerability announced by Redmond two weeks...

3 weeks ago

favicon imageLatest Hacking News - Exploits, Vulnerabilities, Tech and Tutorials

Microsoft Patched A Zero-Click TCP/IP RCE Flaw

The zero-click TCP/IP Flaw affects Microsoft Windows systems with IPv6 enabled, leaving the ones with disabled IPv6 unaffected.

1 month ago

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ‘Ύ

    Exploit exists.

  • πŸ”₯

    Vulnerability reached the number 1 worldwide trending spot.

  • Vulnerability started trending.

  • First article discovered by null

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed13 Proof of Concept(s)12 News Article(s)
.