Windows Networking Denial of Service Vulnerability
CVE-2024-38232

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1607; Windows Server 2016; Windows Server 2016 (server Core Installation)
Vendor: CVE Published:; 10 September 2024

What is CVE-2024-38232?

A vulnerability exists within the Windows Networking framework that can allow an attacker to cause a Denial of Service (DoS) condition. Exploitation of this flaw may result in hardware failure, system crashes, or unavailability of network services, impacting the operation of affected environments. Organizations using Microsoft Windows products, particularly those in critical infrastructures, must prioritize patching and implementing best security practices to mitigate risk.

Affected Version(s)

Windows 10 Version 1607 x64-based Systems 10.0.0 < 10.0.14393.7336

Windows Server 2016 (Server Core installation) x64-based Systems 10.0.0 < 10.0.14393.7336

Windows Server 2016 x64-based Systems 10.0.0 < 10.0.14393.7336

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

27% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2024
Vulnerability Reserved
Jun 11, 2024