CVE-2024-43639

Published Nov 12, 2024

Last updated 4 days ago

CVSS critical 9.8

Overview

Description: Windows KDC Proxy Remote Code Execution Vulnerability
Source: secure@microsoft.com
NVD status: Undergoing Analysis

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

secure@microsoft.com: CWE-197

Hype score: Not currently trending

🚨 Do you by any chance run a #KDC Proxy? Then better patch those systems today. CVE-2024-43639 - Windows KDC Proxy RCE requires no authentication and those systems are often exposed to the Internet #Kerberos https://t.co/LsEDAf44W3
@fabian_bader
14 Nov 2024
6261 Impressions
12 Retweets
25 Likes
6 Bookmarks
0 Replies
3 Quotes
CVE-2024-43639 - Security Update Guide - Microsoft - Windows KDC Proxy Remote Code Execution Vulnerability https://t.co/2ImWcXXdkf
@brennantom
14 Nov 2024
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References