CVE-2024-49103
published 2024-12-12CVE-2024-49103: Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
PriorityP417medium4.3CVSS 3.1
AVPACLPRLUINSUCHINAN
EPSS
0.97%
57.3th percentile
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1809 | < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_10_21h2 | < 10.0.19044.5247 | 10.0.19044.5247 |
| microsoft | windows_10_22h2 | < 10.0.19045.5247 | 10.0.19045.5247 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.5247 | 10.0.19044.5247 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5247 | 10.0.19045.5247 |
| microsoft | windows_11_22h2 | < 10.0.22621.4602 | 10.0.22621.4602 |
| microsoft | windows_11_23h2 | < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_24h2 | < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.4602 | 10.0.22621.4602 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_server_2019 | < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1308 | 10.0.25398.1308 |
| microsoft | windows_server_2025 | < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.2605 | 10.0.26100.2605 |
| msrc | windows_10_version_1809_for_32-bit_systems | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_22h2_for_arm64-based_systems | — | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vendor_msrc4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
vendor_msrc·2024-12-10·CVSS 4.3
CVE-2024-49103 [MEDIUM] CWE-191 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
FAQ: What type of information could be disclosed by this vulnerability?
Exploiting this vulnerability could allow the disclosure of certain kernel memory content.
Windows Wireless Wide Area Network Service: Windows Wireless Wide Area Network Service
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Information Disclosure
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5048661
Reference: https://support.microsoft.com/help/5048661
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5048652
Reference: https://support.microsoft.com/help/
GHSA
GHSA-7h39-783j-9952: Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
ghsa_unreviewed·2024-12-12
CVE-2024-49103 [MEDIUM] CWE-125 GHSA-7h39-783j-9952: Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
No detection rules found.
No public exploits indexed.
2024-12-12
Published