Hyper-V Denial of Service Vulnerability Affects Windows Systems
CVE-2024-43521

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Windows Server 2019; Windows Server 2019 (server Core Installation); Windows Server 2022; Windows Server 2022, 23h2 Edition (server Core Installation)
Vendor: CVE Published:; 8 October 2024

What is CVE-2024-43521?

The vulnerability in Windows Hyper-V allows attackers to exploit the system, potentially leading to a denial of service condition. This issue affects virtualized environments where Hyper-V is deployed, making it crucial for organizations to evaluate their security measures. Vigilance and timely patching are essential to safeguard systems from potential disruptions associated with this vulnerability.

Affected Version(s)

Windows Server 2012 (Server Core installation) x64-based Systems 6.2.9200.0 < 6.2.9200.25118

Windows Server 2012 R2 (Server Core installation) x64-based Systems 6.3.9600.0 < 6.3.9600.22221

Windows Server 2012 R2 x64-based Systems 6.3.9600.0 < 6.3.9600.22221

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

EPSS Score

29% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2024
Vulnerability Reserved
Aug 14, 2024

Microsoft

What is CVE-2024-43521?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline