CVE-2024-49019

Published Nov 12, 2024

Last updated 3 months ago

CVSS high 7.8

Overview

Description
Active Directory Certificate Services Elevation of Privilege Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo
secure@microsoft.com
CWE-1390

Social media

Hype score
Not currently trending

  1. Top 5 Trending CVEs: 1 - CVE-2024-49112 2 - CVE-2010-5139 3 - CVE-2024-49019 4 - CVE-2024-11944 5 - CVE-2024-8534 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    2 Jan 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Microsoft Defender for Identity now shows recommendations to prevent certificate enrollment with arbitrary application policies (ESC15 aka EKuwu, CVE-2024-49019)! /HT @Bandrel, @slobtresix0, @louscicchitano at @TrustedSec 🤘 https://t.co/J89l7miR7y

    @SamErde

    12 Dec 2024

    7019 Impressions

    13 Retweets

    51 Likes

    13 Bookmarks

    0 Replies

    2 Quotes

  3. Top 5 Trending CVEs: 1 - CVE-2024-38144 2 - CVE-2024-41713 3 - CVE-2024-39343 4 - CVE-2024-11667 5 - CVE-2024-49019 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    9 Dec 2024

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Active Directory CS のゼロデイ CVE-2024-49019:PoC エクスプロイトが提供 https://t.co/jB6axu3rN2 Active Directory の CSR (Certificate Signing Request) 関連する、ゼロデイ脆弱性が発生しました。すでに、PoC… https://t.co/PfMndOQHTV

    @iototsecnews

    9 Dec 2024

    112 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Top 5 Trending CVEs: 1 - CVE-2024-0012 2 - CVE-2023-28205 3 - CVE-2024-52443 4 - CVE-2024-49019 5 - CVE-2024-11477 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    1 Dec 2024

    77 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Zero-Day in Active Directory Certificate Services: Researcher Exposes CVE-2024-49019 with PoC https://t.co/DSFjLX0FjQ

    @shijith_binoy

    30 Nov 2024

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Active Directory Sertifika Hizmetleri’nde (AD CS) Kritik Zero-Day Açığı: CVE-2024-49019 https://t.co/WjUNVlu1Fk

    @cozumpark

    30 Nov 2024

    321 Impressions

    1 Retweet

    6 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Top 5 Trending CVEs: 1 - CVE-2024-49019 2 - CVE-2024-11477 3 - CVE-2024-49040 4 - CVE-2024-47208 5 - CVE-2024-10524 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    30 Nov 2024

    74 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Zero-Day in Active Directory Certificate Services: Researcher Exposes CVE-2024-49019 with PoC https://t.co/S1ppVEwLwz

    @CrowdCyber_Com

    30 Nov 2024

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Exploring Microsoft AD CS bug CVE-2024-49019 #Microsoft #ADCS #CVE-2024-49019 https://t.co/xW9Va9ZHXa

    @pravin_karthik

    29 Nov 2024

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Zero-Day in Active Directory Certificate Services: Researcher Exposes CVE-2024-49019 with PoC https://t.co/isL21r7pxV

    @turne85540

    29 Nov 2024

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Zero-Day in Active Directory Certificate Services: Researcher Exposes CVE-2024-49019 with PoC https://t.co/qk4u6i7jR1

    @Dinosn

    29 Nov 2024

    15708 Impressions

    93 Retweets

    289 Likes

    89 Bookmarks

    1 Reply

    2 Quotes

  13. Zero-Day in Active Directory Certificate Services: Researcher Exposes CVE-2024-49019 with PoC Discover the details of the critical zero-day vulnerability CVE-2024-49019 affecting Active Directory Certificate Services (AD CS). https://t.co/Cl9qMb10A8

    @the_yellow_fall

    29 Nov 2024

    410 Impressions

    7 Retweets

    7 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  14. Actively exploited CVE : CVE-2024-49019

    @transilienceai

    23 Nov 2024

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. Actively exploited CVE : CVE-2024-49019

    @transilienceai

    20 Nov 2024

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  16. ぱっちちゅうずでー 2024 年 11 月のセキュリティ更新プログラム (月例) https://t.co/gXgAHx15zt ◆CVE-2024-49040 Microsoft Exchange Server のなりすましの脆弱性 ◆CVE-2024-49019 Active Directory 証明書サービスの特権の昇格の脆弱性 ◆CVE-2024-43451 NTLM… https://t.co/pr2UfJwKX4 https://t.co/lG9Eyh5IJ7

    @taku888infinity

    13 Nov 2024

    1143 Impressions

    0 Retweets

    7 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Join us for this week's Defender Fridays with @Bandrel, Principal Security Consultant at TrustedSec, to discuss his research and mitigation guidance on ADCS ESC15 (CVE-2024-49019), also known as EKUwu, a vulnerability in Microsoft's Active Directory Certificate Services.… https:/

    @limacharlieio

    30 Oct 2024

    3582 Impressions

    8 Retweets

    15 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations

References