Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49119
Summary
This vulnerability in Microsoft Windows Remote Desktop Services allows for remote code execution, enabling attackers to execute arbitrary code on affected systems. It arises from improper processing of requests to the RDP service, leading to potential exploitation by malicious users. Successful exploitation can result in full system control, affecting data integrity and confidentiality. Organizations using vulnerable versions of Windows are urged to apply relevant security updates immediately to mitigate risks.
Affected Version(s)
Windows Server 2016 (Server Core installation) x64-based Systems 10.0.14393.0 < 10.0.14393.7606
Windows Server 2016 x64-based Systems 10.0.14393.0 < 10.0.14393.7606
Windows Server 2019 (Server Core installation) x64-based Systems 10.0.17763.0 < 10.0.17763.6659
References
EPSS Score
0% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved