CVE-2024-38063

Published Aug 13, 2024

Last updated 8 months ago

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2024-38063 is a vulnerability in the Windows TCP/IP stack, specifically impacting the IPv6 subsystem. Exploitation is achieved through the transmission of specially crafted IPv6 network packets to a vulnerable system. Successful exploitation allows for remote code execution (RCE), enabling an attacker to run arbitrary code on the targeted machine. This vulnerability affects Windows systems with IPv6 enabled and was addressed by Microsoft with a patch released on August 13, 2024. Exploitation can occur remotely, meaning an attacker does not need prior access to the target system.

Description
Windows TCP/IP Remote Code Execution Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo
secure@microsoft.com
CWE-191

Social media

Hype score
Not currently trending
  1. Top 5 Trending CVEs: 1 - CVE-2024-38063 2 - CVE-2025-21333 3 - CVE-2025-27607 4 - CVE-2025-0337 5 - CVE-2025-27840 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    10 Mar 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ⚠️ Vulnerability Alert: Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices 📅 Timeline: Disclosure: 2024-08-16, Patch: 2024-08-16 🆔cveId: CVE-2024-38063 📊baseScore: 9.8 📏cvssMetrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity: Critical 🔴… https://

    @syedaquib77

    28 Feb 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-38063 (CVSS 9.8): Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices https://t.co/BbkoUK1K8P

    @Dinosn

    28 Feb 2025

    1530 Impressions

    2 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. #cve #windows #exploit CVE ID: CVE-2024-38063 System: windows Type: RCE   Exploit: Windows 10, Windows11, Windows Server 2026, 2019, and 2022 (including Server Core Installations)   PoC Source: https://t.co/kPXgQpxUOU PoC 2: https://t.co/RXs9nqkVXr PoC 3:… https://t.co/gIL1nmvf

    @ksg93rd

    19 Feb 2025

    224 Impressions

    3 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. قصتنا اليوم عن ثغرة ال IPv6: في أغسطس 2024، تم اكتشاف ثغرة أمنية خطيرة تحمل المعرف CVE-2024-38063 في بروتوكول TCP/IP الخاص بنظام Windows، وتؤثر تحديدًا على الأنظمة التي تم تمكين IPv6 فيها. تحمل هذه الثغرة درجة خطورة 9.8 وفقًا لمقياس CVSS، وتسمح للمهاجمين بتنفيذ تعليمات برمجية عن

    @Mr_Sudo04

    30 Jan 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-38063 lets unauthenticated attackers carry out remote code execution by "repeatedly sending: https://t.co/hn4rI4CuDC

    @linux_ly

    11 Jan 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. ⚠️ Alerta de seguridad: Vulnerabilidad CVE-2024-38063 ⚠️ Se ha identificado una vulnerabilidad crítica en el protocolo TCP/IP de Windows (IPv6) que permite a atacantes ejecutar código de forma remota sin interacción del usuario. https://t.co/upoxuAFJcq #vulnerabilities #hacking

    @FredyBahenaM

    4 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 【今年の人気記事】Windowsにゼロクリック攻撃の脆弱性。必ず対策を - PC Watch  Microsoftは13日(米国時間)、WindowsのTCP/IPにおける脆弱性により、ユーザーがゼロクリックで(何も操作しなくても)リモート攻撃される可能性がある深刻な脆弱性「CVE-2024-38063」があること https://t.co/PCRl7gNN2R

    @inoritodo

    31 Dec 2024

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Best of 2024: CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability - Security Boulevard https://t.co/6FRLlslC3C

    @PVynckier

    29 Dec 2024

    87 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Top 5 Trending CVEs: 1 - CVE-2024-38063 2 - CVE-2023-50428 3 - CVE-2024-10924 4 - CVE-2024-11477 5 - CVE-2024-44308 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    2 Dec 2024

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Do you think that after EternalBlue there're no exploits to gain access to your Windows system? Then I have bad news for you. CVE-2024-38063 can lead to denial of service as well as remote code execution via specially crafted IPv6 packets. https://t.co/c6DoqTLVWF @three_cube htt

    @_aircorridor

    29 Nov 2024

    59 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  12. תוקף מפרסם למכירה 1.7 מיליון כרטיסי אשראי של ישראלים שגנב לטענתו מחברת הסליקה Hyp. המידע מוצע למכירה תמורת 100,000 דולר. לטענת התוקף המידע נגנב לאחר דוא"ל פישינג בשילוב ניצול החולשה CVE-2024-38063 ברשת של החברה. מזכיר כי החודש דיווחה החברה על מתקפת די… https://t.co/SypDplvCKD

    @CyberIL

    27 Nov 2024

    254 Impressions

    3 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  13. CVE-2024-38063 is a critical security vulnerability in the Windows TCP/IP stack that allows for remote code execution (RCE) https://t.co/RIx08JsJ4K

    @CyberDefAca

    12 Nov 2024

    362 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  14. CVE-2024-38063: Exploit & Patch Discover the critical Windows IPv6 vulnerability, CVE-2024-38063, enabling remote code execution and DoS attacks without user interaction. Dive into exploit mechanics and secure your systems. https://t.co/c6DoqTLVWF @three_cube https://t.co/9e

    @_aircorridor

    11 Nov 2024

    1748 Impressions

    8 Retweets

    21 Likes

    9 Bookmarks

    1 Reply

    0 Quotes

  15. POC for trigerring CVE-2024-38063 (RCE in tcpip.sys) https://t.co/WPH26h2Ewx #expdev #poc

    @InfosecMonk

    5 Nov 2024

    62 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  16. CVE-2024-38063是Windows内核处理IPv6协议中非常典型的漏洞,可惜的是对这个漏洞分析的文章寥寥无几(<3篇),所以我捡起好久没玩的IDA Pro浅显分析了一下这个漏洞的原理。 碍于时间有限,很多细节没有描述清楚,待后续有时间再做进一步的补充。 https://t.co/5tV75LIluT

    @repoog

    1 Nov 2024

    136 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Attention Cyberwarriors! 🚨 A critical Windows IPv6 flaw (CVE-2024-38063) allows remote code execution and DoS attacks with no user interaction! Discover how it works, why it’s so dangerous, and how to protect your systems. https://t.co/c6DoqTLVWF @three_cube https://t.co/mf89Ws

    @_aircorridor

    30 Oct 2024

    1470 Impressions

    8 Retweets

    19 Likes

    5 Bookmarks

    0 Replies

    1 Quote

Configurations