Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43467

7.5HIGH

Key Information:

Vendor

Microsoft
Status
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Windows Server 2022, 23h2 Edition (server Core Installation)
Vendor
CVE Published:
10 September 2024

What is CVE-2024-43467?

A notable vulnerability exists in the Microsoft Windows Remote Desktop Licensing Service, permitting remote code execution. An attacker who successfully exploits this vulnerability could execute arbitrary code on the target system with the same user rights as the logged-on user. This vulnerability impacts multiple versions of Windows Server and Windows 10. Ensuring your systems are updated with the latest security patches is critical to mitigate potential exploits. For more information, refer to the official Microsoft advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Windows Server 2008 Service Pack 2 x64-based Systems 6.0.0 < 6.0.6003.22870

Windows Server 2008 R2 Service Pack 1 (Server Core installation) x64-based Systems 6.0.0 < 6.1.7601.27320

Windows Server 2008 R2 Service Pack 1 x64-based Systems 6.1.0 < 6.1.7601.27320

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.