AI description
CVE-2024-43639 is a vulnerability in the Microsoft Windows Key Distribution Center (KDC) Proxy, a component of the Windows Kerberos authentication system. It stems from a missing length check on Kerberos responses. An attacker can exploit this flaw by manipulating the KDC proxy to relay a Kerberos request to a server under their control. This server then sends a specially crafted, overly long response back to the KDC proxy, triggering an integer overflow and leading to arbitrary code execution. This vulnerability specifically affects Windows Servers configured as KDC Proxy Protocol servers. It does not affect Domain Controllers. Exploitation can be carried out remotely and does not require authentication. An attacker can leverage a specially crafted application to exploit the cryptographic protocol vulnerability in Windows Kerberos.
- Description
- Windows KDC Proxy Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- nvd@nist.gov
- NVD-CWE-noinfo
- secure@microsoft.com
- CWE-197
- Hype score
- Not currently trending
به تازگی برای KDC Proxy ویندوز ،آسیب پذیری با کد شناسایی CVE-2024-43639 از نوع RCE منتشر شده است. هکر می تواند با دستکاری ترافیک مربوط به احراز هویت kerberos کنترل کامل با دسترسی system روی سیستم آسیب پذیر داشته باشد. نمره این آسیب پذیری 9.8 می باشد. https://t.co/Poz3aKY03t htt
@AmirHossein_sec
9 Mar 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. SSHNuke Exploit https://t.co/go6zUd8aUb 2. CVE-2024-43639: RCE in Microsoft Windows KDC Proxy https://t.co/asA5IIN66a 3. Private key extraction in ECDSA upon signing a malformed input https://t.co/LJhc96QhJ2
@ksg93rd
7 Mar 2025
1003 Impressions
5 Retweets
13 Likes
10 Bookmarks
0 Replies
0 Quotes
CVE-2024-43639: Remote Code Execution in Microsoft Windows KDC Proxy. The Trend Research Team dives deep into this bug to look at the root cause and complexities of exploitation. They also provide detection guidance. Read the details at https://t.co/ErOqGP9VZO
@thezdi
4 Mar 2025
9553 Impressions
39 Retweets
126 Likes
60 Bookmarks
0 Replies
0 Quotes
November 18 Advisory: Windows KDC Proxy Remote Code Execution Vulnerability (CVE-2024-43639) uncovered. ⚠️🔒 Learn about the risks and safeguards. Click the link to learn more 🌐 https://t.co/FnFb26zMGK Article by 4imag team #4imag #News #CyberSecurity #Windows… https://t.
@4imag1
23 Nov 2024
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-43639
@transilienceai
23 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-43639
@transilienceai
20 Nov 2024
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Critical Flaw in #Windows KDC Proxy Exposes Systems to Remote Takeover (#CVE-2024-43639) https://t.co/XIzBnufLCb
@UndercodeNews
19 Nov 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Flaw in #Windows KDC Proxy Exposes Systems to Remote Takeover (#CVE-2024-43639) https://t.co/XIzBnufdMD
@UndercodeNews
19 Nov 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Do you by any chance run a #KDC Proxy? Then better patch those systems today. CVE-2024-43639 - Windows KDC Proxy RCE requires no authentication and those systems are often exposed to the Internet #Kerberos https://t.co/LsEDAf44W3
@fabian_bader
14 Nov 2024
6261 Impressions
12 Retweets
25 Likes
6 Bookmarks
0 Replies
3 Quotes
CVE-2024-43639 - Security Update Guide - Microsoft - Windows KDC Proxy Remote Code Execution Vulnerability https://t.co/2ImWcXXdkf
@brennantom
14 Nov 2024
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82E3AC46-9D0D-4381-93EE-FE87C212040A",
"versionEndExcluding": "10.0.14393.7515"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A43E1F6C-B2A7-4DEC-B4EC-04153746C42B",
"versionEndExcluding": "10.0.17763.6532"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641",
"versionEndExcluding": "10.0.20348.2849"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975",
"versionEndExcluding": "10.0.25398.1251"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054",
"versionEndExcluding": "10.0.26100.2314"
}
],
"operator": "OR"
}
]
}
]