CVE-2024-49105
published 2024-12-12CVE-2024-49105: Remote Desktop Client Remote Code Execution Vulnerability
high8.4CVSS 3.1
AVNACLPRHUIRSCCHIHAH
Remote Desktop Client Remote Code Execution Vulnerability
Affected
51 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | remote_desktop_client | < 1.2.5716.0 | 1.2.5716.0 |
| microsoft | remote_desktop_client_for_windows_desktop | >= 1.2.0.0 < 1.2.5716.0 | 1.2.5716.0 |
| microsoft | windows_10_1507 | < 10.0.10240.20857 | 10.0.10240.20857 |
| microsoft | windows_10_1607 | < 10.0.14393.7606 | 10.0.14393.7606 |
| microsoft | windows_10_1809 | < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_10_21h2 | < 10.0.19044.5247 | 10.0.19044.5247 |
| microsoft | windows_10_22h2 | < 10.0.19045.5247 | 10.0.19045.5247 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20857 | 10.0.10240.20857 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7606 | 10.0.14393.7606 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.6659 | 10.0.17763.6659 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.5247 | 10.0.19044.5247 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5247 | 10.0.19045.5247 |
| microsoft | windows_11_22h2 | < 10.0.22621.4602 | 10.0.22621.4602 |
| microsoft | windows_11_23h2 | < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_24h2 | < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.4602 | 10.0.22621.4602 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.4602 | 10.0.22631.4602 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.2605 | 10.0.26100.2605 |
| microsoft | windows_app | < 2.0.327.0 | 2.0.327.0 |
| microsoft | windows_app_client_for_windows_desktop | >= 1.00 < 2.0.327.0 | 2.0.327.0 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27467 | 6.1.7601.27467 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25222 | 6.2.9200.25222 |
Microsoft
Remote Desktop Client Remote Code Execution Vulnerability
vendor_msrc·2024-12-10·CVSS 8.4
CVE-2024-49105 [HIGH] CWE-284 Remote Desktop Client Remote Code Execution Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
FAQ: How could an attacker exploit this vulnerability?
An authenticated attacker could exploit the vulnerability by triggering remote code execution (RCE) on the server via a Remote Desktop connection. Alternatively, an authenticated attacker could trigger guest-to-host RCE via a malicious program by connecting to the host using MMC.
FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
This vulnerability could lead to a browser sandbox escape.
FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?
This attack requires an admin
GHSA
GHSA-6wcv-fq4v-cvv9: Remote Desktop Client Remote Code Execution Vulnerability
ghsa_unreviewed·2024-12-12
CVE-2024-49105 [HIGH] CWE-284 GHSA-6wcv-fq4v-cvv9: Remote Desktop Client Remote Code Execution Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
blogs_talos·2024-12-10·CVSS 8.4
CVE-2024-49112 [HIGH] Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
Microsoft assessed that exploitation of the four “critical” vulnerabilities is “less likely.”
CVE-2024-49112 is the most serious of this bunch, with a CVSS severity score of 9.8 out of 10. An attacker could exploit this vulnerability in Windows Lightweight Directory Access Protocol (LDAP) calls to execute arbitrary code within the context of the LDAP service. Additionally, CVE-2024-49124 and CVE-2024-49127 permit an unauthenticated attacker to send a specially crafted request to a vulnerable LDAP server, potentially executing the attacker's code if they succeed in a "race condition." Although the above
Talos
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
blogs_talos·2024-12-10·CVSS 8.4
CVE-2024-49112 [HIGH] Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
## Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
Microsoft assessed that exploitation of the four “critical” vulnerabilities is “less likely.”
CVE-2024-49112 is the most serious of this bunch, with a CVSS severity score of 9.8 out of 10. An attacker could exploit this vulnerability in Windows Lightweight Directory Access Protocol (LDAP) calls to execute arbitrary code within the context of the LDAP service. Additionally, CVE-2024-49124 and CVE-2024-49127 permit an unauthenticated attacker to send a specially crafted request to a vulnerable LDAP server, potentially exe
2024-12-12
Published