Remote Code Execution Vulnerability
CVE-2024-38131

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows 11 Version 24h2; Windows 10 Version 1809; Windows Server 2019; Windows Server 2019 (server Core Installation)
Vendor: CVE Published:; 13 August 2024

What is CVE-2024-38131?

The Clipboard Virtual Channel Extension is susceptible to a remote code execution vulnerability that allows an attacker to execute arbitrary code on the affected system. This vulnerability can be exploited via specially crafted input, leading to potential unauthorized access and control over the system. The impact of this vulnerability underscores the importance of timely software updates and proactive security measures to prevent exploitation.

Affected Version(s)

Remote Desktop client for Windows Desktop Unknown 1.2.0.0 < 1.2.5560.0

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20751

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7259

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 13, 2024
Vulnerability Reserved
Jun 11, 2024

Microsoft

What is CVE-2024-38131?

Affected Version(s)

References

CVSS V3.1

Timeline