CVE-2024-43642

Published Nov 12, 2024

Last updated 3 months ago

CVSS high 7.5

Overview

Description: Windows SMB Denial of Service Vulnerability
Source: secure@microsoft.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
secure@microsoft.com: CWE-416

Hype score: Not currently trending

#patchdiff guess it's CVE-2024-43642 and just disable some old SMB feature. https://t.co/EwSjQ2wc7D
@TinySecEx
14 Nov 2024
2257 Impressions
0 Retweets
14 Likes
5 Bookmarks
0 Replies
0 Quotes
A pre-auth remote DoS in the Windows kernel SMB stack I found was patched today under CVE-2024-43642: https://t.co/GhWvccybeY
@arudd1ck
12 Nov 2024
4270 Impressions
5 Retweets
61 Likes
10 Bookmarks
2 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "04BC0915-6F14-4D7A-951F-83CBAB47C3C4",
            "versionEndExcluding": "10.0.22621.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "8A16CFCB-D002-4F63-B568-9D14ACE88E94",
            "versionEndExcluding": "10.0.22621.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "B8FE14E5-7226-43CA-A57E-A81636185AD4",
            "versionEndExcluding": "10.0.22631.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "97507261-3969-4EBF-BCED-93FBADCBB6DC",
            "versionEndExcluding": "10.0.22631.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "D32C04CA-E5BE-47CA-AF79-B39859288531",
            "versionEndExcluding": "10.0.26100.2314"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "40A6B92E-21C6-4BDD-BA57-DC227FF0F998",
            "versionEndExcluding": "10.0.26100.2314"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641",
            "versionEndExcluding": "10.0.20348.2849"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975",
            "versionEndExcluding": "10.0.25398.1251"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054",
            "versionEndExcluding": "10.0.26100.2314"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References