CVE-2024-49117Return of Wrong Status Code in Microsoft Windows 11 Version 22h2

CWE-393Return of Wrong Status Code9 documents7 sources
Severity
8.8HIGHNVD
EPSS
0.6%
top 29.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
19
Microsoft Windows 11 Version 22h2Microsoft Windows 11 Version 22h3Microsoft Windows 11 Version 23h2+16 more
Timeline
PublishedDec 12

Description

Windows Hyper-V Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages19 packages

NVDmicrosoft/windows< 10.0.20348.2966+2
NVDmicrosoft/windows_11_22h2< 10.0.22621.4602
NVDmicrosoft/windows_11_23h2< 10.0.22631.4602
NVDmicrosoft/windows_11_24h2< 10.0.26100.2605
CVEListV5microsoft/windows_server_202210.0.20348.010.0.20348.2966

🔴Vulnerability Details

1
GHSA
GHSA-j885-4693-cqgh: Windows Hyper-V Remote Code Execution Vulnerability2024-12-12

📋Vendor Advisories

1
Microsoft
Windows Hyper-V Remote Code Execution Vulnerability2024-12-10

🕵️Threat Intelligence

6
Talos
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities2024-12-10
Qualys
Microsoft and Adobe Patch Tuesday, December 2024 Security Update Review2024-12-10
Talos
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities2024-12-10
Bleepingcomputer
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws2024-12-10
Qualys
Critical Microsoft Vulnerabilities Patched December 2024 | Qualys2024-12-10
CVE-2024-49117 — Return of Wrong Status Code | cvebase