CVE-2024-49113

Published Dec 12, 2024

Last updated 23 days ago

Overview

Description
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-125
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending
  1. Beware of fake #PoC exploits! Our latest blog uncovers how CVE-2024-49113 is being leveraged to distribute information-stealing malware. Follow this link to understand the tactics used by attackers and how to safeguard your environment: ⬇️ https://t.co/KCAuq4WJ5x

    @TrendMicroRSRCH

    2 Feb 2025

    586 Impressions

    0 Retweets

    0 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  2. The recently discovered LDAPNightmare exploit (CVE-2024-49113) can disrupt your critical Windows infrastructure. Get your comprehensive guide to: 1. Understanding LDAPNightmare 2. Detecting the vulnerability 3. Defending against potential attacks https://t.co/sffA0LF8tG https://

    @SemperisTech

    30 Jan 2025

    112 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Beware of fake #PoC exploits! Our latest blog uncovers how CVE-2024-49113 is being leveraged to distribute information-stealing malware. Follow this link to understand the tactics used by attackers and how to safeguard your environment: https://t.co/z7irG0fugx

    @TrendMicro

    28 Jan 2025

    124 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. A fake #PoC exploit for #LDAPNightmare (CVE-2024-49113) is being used to spread information-stealing malware. Learn how this exploit masquerades as a legitimate sample to deceive security professionals: https://t.co/6xCZE897U9 https://t.co/inxOScRnoC

    @Smidddi

    22 Jan 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. A new exploit, LDAPNightmare (CVE-2024-49113), has been identified, posing a significant threat to Windows systems, including Active Directory. This denial-of-service exploit has the potential to crash domain controllers and critical Windows hosts. https://t.co/sffA0LF8tG https:/

    @SemperisTech

    21 Jan 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. This Wednesday, January 22 at 9 am PT/12 pm ET, SafeBreach Security Team Lead @oryair1999 will share original research on CVE-2024-49113 (“LDAP Nightmare”). Register now to save your spot: https://t.co/JYrKgdI44k https://t.co/sjzLNNByLQ

    @safebreach

    20 Jan 2025

    105 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Beware of fake #PoC exploits! Our latest blog uncovers how CVE-2024-49113 is being leveraged to distribute information-stealing malware. Follow this link to understand the tactics used by attackers and how to safeguard your environment: ⬇️ https://t.co/KCAuq4WJ5x

    @TrendMicroRSRCH

    20 Jan 2025

    84 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Detect CVE-2024-49113 (aka #LDAPNightmare) – Windows LDAP denial-of-service vulnerability exploited via a publicly available PoC – using a set of #Sigma rules in the SOC Prime Platform. https://t.co/jS0yO2YIar

    @SOC_Prime

    17 Jan 2025

    100 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Évidemment il fallait que ça arrive... 🚨 Un faux exploit LDAP Nightmare circule sur GitHub… et cache un infostealer ! 💀 Basé sur la CVE-2024-49113, ce faux PoC télécharge un script malveillant qui exfiltre vos données. ⚠️ Attention aux exploits douteux #LDAPNightmare https:/

    @Guardia_School

    17 Jan 2025

    72 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit #CyberAttack #CyberSecurity https://t.co/PSohaTJ1I6

    @DC3DCISE

    17 Jan 2025

    62 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  11. به تازگی آسیب پذیری جدیدی برای سرویس LDAP با کدهای شناسایی CVE-2024-49112 و CVE-2024-49113 منتشر شد. اکسپلویت این آسیب پذیری با نام LDAPNightmare در GitHub به عنوان poc و برای شناسایی این آسیب پذیری توسط کاربران این سرویس ، بارگزاری شد. https://t.co/Poz3aKYxT1 https://t.co/i2Oo

    @AmirHossein_sec

    14 Jan 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. .@TrendMicro's blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware. Learn more: https://t.co/er2zICkbeX

    @rjsandler1

    14 Jan 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Confirmada la existencia de un exploit tipo #PoC para la vulnerabilidad  CVE-2024-49113, conocida como LDAP Nightmare, que afecta a servidores Microsoft Windows incluyendo controladores de dominio enviando peticiones LDAP maliciosas. #PorUnEcuadorCiberseguro @Arcotel_ec https

    @EcuCERT_EC

    14 Jan 2025

    298 Impressions

    7 Retweets

    9 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. On 12/10, Microsoft published CVE-2024-49112 & CVE-2024-49113—two LDAP vulnerabilities that affect Windows Active Directory Domain Controllers. They’ve received significant attention due to their severity and the lack of any public documentation explaining the exploitation pa

    @safebreach

    14 Jan 2025

    70 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  15. A fake proof-of-concept (#POC) exploit for CVE-2024-49113 lures security researchers to download and execute information-stealing malware. Click this link for the full story: https://t.co/jPVrREjPCL https://t.co/25ue4HrROg

    @natordas

    14 Jan 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. A fake proof-of-concept (#POC) exploit for CVE-2024-49113 lures security researchers to download and execute information-stealing malware. Click this link for the full story: https://t.co/jPVrREjPCL https://t.co/FhCycuy8b8

    @natordas

    14 Jan 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Micropatches Released for Windows "LDAPNightmare" Denial of Service Vulnerability (CVE-2024-49113) https://t.co/HL8vBD569k https://t.co/7iWlVj1nbl

    @0patch

    14 Jan 2025

    165 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  18. .@TrendMicro's blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware. Learn more: https://t.co/sMbE3Jf4Du

    @Smidddi

    14 Jan 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. According to the latest research from Trend Micro, a fake Proof-of-Concept (PoC) exploit has been identified for CVE-2024-49113, a denial-of-service (DoS) vulnerability previously found in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP). https://t.co/VDCrXYRBCg

    @blackwired32799

    14 Jan 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Threat Alert: Fake LDAPNightmare exploit on GitHub spreads infostealer malware CVE-2024-49112 CVE-2024-49113 CVE-2024-49138 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/ifVGosLGvd #CyberSecurity #ThreatIntel #InfoSec (1/3)

    @fletch_ai

    14 Jan 2025

    74 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. 🚨 #LDAPNightmare: #Vulnerabilidad en Windows Server 🚨 Un exploit PoC para la vulnerabilidad LDAPNightmare (CVE-2024-49113) puede causar la caída del servicio LSASS y reiniciar los controladores de dominio. 🔒💻 #Ciberseguridad #WindowsServer #Actualización https://t.co/G235nCuW

    @mdsolutionsperu

    13 Jan 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨Threat Campaign Alert - Fake PoC Exploit for CVE-2024-49113 (LDAPNightmare) Lures Security Researchers into Deploying Info-Stealing Malware🚨 Summary: A fake PoC exploit for CVE-2024-49113 targets a critical Windows LDAP vulnerability, tricking security researchers into… https

    @CyberxtronTech

    13 Jan 2025

    96 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  23. A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on #GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. #Malware #CyberSecurity https://t.co/h2VlVJe8ou

    @YourAnonRiots

    12 Jan 2025

    169 Impressions

    4 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  24. Fake CVEs for CVE-2024-49113 👀anaylsis by Trendmicro: https://t.co/7ZPtV99G9U https://t.co/3t6NKMXWeL

    @ITSecurityguard

    12 Jan 2025

    792 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. .@TrendMicro's blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware. Learn more: https://t.co/q8YSMUSyXx

    @alexandre_tovar

    12 Jan 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. #threatreport #LowCompleteness Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit. Conclusion | 12-01-2025 Source: https://t.co/nrAeCOrbgR Key details below ↓ 💀Threats: Ldapnightmare_vuln, Upx_tool, 🔓CVEs: CVE-2024-49113… https://t.co/pOW0aGCIJw htt

    @rst_cloud

    12 Jan 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. 🚨 Beware: Cybercriminals Using LDAP Nightmare PoC to Steal Your Data 🚨 WIRE TOR - The Ethical Hacking Services A malicious proof-of-concept (PoC) exploit for the vulnerability CVE-2024-49113, dubbed LDAP Nightmare has surfaced on GitHub. #hacker https://t.co/BgtwYhskiV

    @WireTor

    12 Jan 2025

    47 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  28. .@TrendMicro's blog entry discusses a fake PoC exploit for LDAPNightmare (CVE-2024-49113) that is being used to distribute information-stealing malware. Learn more: https://t.co/ZEjcx4DD1H

    @christine_fady

    12 Jan 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. Fake #LDAPNightmware exploit on #GitHub spreads infostealer #malware https://t.co/sG9o3zXPAG A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. #Microsoft htt

    @GeekFeedNet

    12 Jan 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. A deceptive PoC exploit for CVE-2024-49113, dubbed "LDAPNightmare," is reportedly spreading infostealer malware via GitHub, exfiltrating sensitive data to an external FTP server. #CyberSecurity #Malware https://t.co/vCJg66bWF8

    @Cyber_O51NT

    12 Jan 2025

    525 Impressions

    2 Retweets

    9 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 🚨 **Windows Sunucularında Kritik Güvenlik Açığı: CVE-2024-49113** 🚨 SafeBreach Labs, Windows LDAP hizmetinde "LDAP Nightmare" olarak adlandırılan kritik bir **zero-click** güvenlik açığını ortaya çıkardı. Bu açık, saldırganların kimlik doğrulama gerektirmeden uzaktan kod… ht

    @AydemirSerhat

    11 Jan 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. A deceptive exploit for CVE-2024-49113, known as "LDAPNightmare," has surfaced on GitHub, infecting users with infostealer malware that exfiltrates sensitive data to an external FTP server. Stay informed about this critical security threat. Read more at https://t.co/5TaOtXHMhT

    @trubetech

    11 Jan 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. GitHub - SafeBreach-Labs/CVE-2024-49113: LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 https://t.co/JiAWnCOF34

    @akaclandestine

    11 Jan 2025

    1528 Impressions

    11 Retweets

    32 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  34. Security pros baited with fake Windows LDAP exploit traps: https://t.co/dAwpIUzuOm Security researchers are being targeted with fake exploits for Microsoft vulnerabilities, specifically CVE-2024-49113 (LDAPNightmare) and CVE-2024-49112, both patched in December 2024. A… https://

    @securityRSS

    10 Jan 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🗞️ Stealer Masquerades as LDAPNightmare PoC Exploit Cybercriminals are exploiting the buzz around LDAPNightmare (CVE-2024-49113) by distributing a fake proof-of-concept (PoC) exploit on GitHub that actually installs information-stealing malware. Security experts recommend… http

    @gossy_84

    10 Jan 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 1/7 A fake proof-of-concept (#POC) exploit for CVE-2024-49113 lures security researchers to download and execute information-stealing malware. Click this link for the full story: https://t.co/KCAuq4WJ5x https://t.co/w7UR33emR3

    @TrendMicroRSRCH

    10 Jan 2025

    405 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  37. Beware of the dangerous #LDAPNightmare exploit posing as a proof-of-concept for Microsoft's CVE-2024-49113 vulnerability. Find out how attackers are distributing information-stealing malware through this fake exploit https://t.co/Jvl0KDihv4

    @the_yellow_fall

    10 Jan 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. 🟠Compartimos el análisis de @TrendMicro un exploit de prueba de concepto (PoC) falso para CVE-2024-49113 (#LDAPNightmare) diseñado para atraer a los investigadores para que descarguen y ejecuten malware que roba información. #QintegraNews #ciberseguridad https://t.co/u7qFmIpJAr

    @QintegraC

    9 Jan 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. OffensiveYARA rule for the PoC exploit for CVE-2024-49113 also known as LDAPNightmare. The main Python Script (LdapNightmare[.]py) relies on the exploit_server.py

    @byt3n33dl3

    9 Jan 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. #LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49113 See how SafeBreach Labs Researchers developed a zero-click PoC exploit... https://t.co/RBArLkWEBc

    @BTshell

    9 Jan 2025

    933 Impressions

    10 Retweets

    21 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  41. A fake PoC for LDAPNightmare (CVE-2024-49113) is spreading info-stealing malware, disguised as legitimate. Beware of malicious downloads! Stay vigilant. ⚠️ #LDAPNightmare #MalwareAlert #USA #ThreatResearch link: https://t.co/btqltlTzip https://t.co/4RXdJNeQEl

    @TweetThreatNews

    9 Jan 2025

    36 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  42. LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49113 https://t.co/QxyAVSGh6F #cybersecurity #vulnerability #ldap #cve #informationsecurity #poc #informationsecurity https://t.co/wTOh1lfkic

    @blackstormsecbr

    9 Jan 2025

    1365 Impressions

    8 Retweets

    24 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  43. Information #Stealer Masquerades as #LDAPNightmare (CVE-2024-49113) PoC Exploit https://t.co/DqXBptriNg

    @club31337

    9 Jan 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit https://t.co/0crFcb7lNA

    @Dinosn

    9 Jan 2025

    2257 Impressions

    2 Retweets

    12 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  45. #100DaysofYARA Day 7 YARA rule for the PoC exploit for CVE-2024-49113 also known as #LDAPNightmare 🐧 The main Python Script (LdapNightmare .py) relies on the exploit_server.py which is imported as one of the modules https://t.co/AEDjkzFbXh https://t.co/mLBlcflhLw

    @RustyNoob619

    8 Jan 2025

    996 Impressions

    5 Retweets

    17 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  46. CVE-2024-49113 (“LDAP Nightmare”) has garnered attention due to its ability to trigger a DoS condition on any unpatched Windows server connected to the internet. On January 1, SafeBreach Labs researchers @oryair1999 and @ShahakMo released the first PoC exploit for CVE-2024-49113.

    @safebreach

    8 Jan 2025

    104 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  47. How Sigma rules for emerging threats take shape - Someone noticed CVE-2024-49113 (#LDAPNightmare) could be detected and shared raw logs - I realized we needed a Sigma rule to fully unlock its potential - Another person created the rule - A third refined and prepared it for… http

    @cyb3rops

    8 Jan 2025

    14653 Impressions

    66 Retweets

    263 Likes

    73 Bookmarks

    4 Replies

    0 Quotes

  48. Check this guidance, providing more insights into LDAPNightmare [News] LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49113 https://t.co/MVE6JwWHh3 #CyberSecurity #LDAP #CVE https://t.co/FIEpqbhOJE

    @david_das_neves

    8 Jan 2025

    327 Impressions

    1 Retweet

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  49. About Remote Code Execution - #Windows #LDAP (CVE-2024-49113). On January 1, researchers from @safebreach released a write-up on this vulnerability, labeled as #LDAPNightmare, and an exploit PoC. ➡️ https://t.co/X2TdQKPQEL https://t.co/nCi4aHFh7X

    @leonov_av

    8 Jan 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. 🚨 Heads up, #CyberSecurity pros! Two critical LDAP vulnerabilities, CVE-2024-49112 (RCE-9.8) & CVE-2024-49113 (DoS-7.5), threaten Windows servers. Patch ASAP to stay secure! More info: https://t.co/ZrJzzemF6C #PatchTuesday #Infosec

    @ThreatVector24

    7 Jan 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations