Msrc Windows Server 2019 vulnerabilities

CVE-2024-49104 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system. FAQ: Accordi

CVE-2024-49138 [HIGH] CWE-122 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes

CVE-2024-49123 [HIGH] CWE-591 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by connecting to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code. FAQ: According to the CVSS metric, t

CVE-2024-49089 [HIGH] CWE-190 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? To successfully exploit this vulnerability, an attacker or the targeted user would need to achieve a high level of control over a machine, as the attack requires access to processes ty

CVE-2024-49084 [HIGH] CWE-362 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerabilit

CVE-2024-49085 [HIGH] CWE-190 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system. Windows Rout

CVE-2024-49103 [MEDIUM] CWE-191 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content. Windows Wireless Wide Area Network Service: Windows Wireless Wide Area Network Service Microsoft: Microsoft Customer Acti

CVE-2024-49077 [MEDIUM] CWE-191 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physic

CVE-2024-49099 [MEDIUM] CWE-125 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content. FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An att

CVE-2024-49078 [MEDIUM] CWE-190 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physical access to the target computer to plug in a malicious USB drive. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who succe

CVE-2024-49094 [MEDIUM] CWE-122 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Wireless Wide Area Network Service: Windows Wireless Wide Area Network Service Microsoft: Microsoft Custo

CVE-2024-49110 [MEDIUM] CWE-125 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physical access to the target computer to plug in a malicious USB drive. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who succe

CVE-2024-49092 [MEDIUM] CWE-125 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physical access to the target computer to plug in a malicious USB drive. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who succe

CVE-2024-49098 [MEDIUM] CWE-125 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physical access to the target computer to plug in a malicious USB drive. FAQ: What type of information could be disclosed by this vulnerability? Exploi

CVE-2024-49083 [MEDIUM] CWE-125 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physic

CVE-2024-49073 [MEDIUM] CWE-20 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physical access to the target computer to plug in a malicious USB drive. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who succes

CVE-2024-49081 [MEDIUM] CWE-122 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Wireless Wide Area Network Service: Windows Wireless Wide Area Network Service Microsoft: Microsoft Custo

CVE-2024-49111 [MEDIUM] CWE-125 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability? To exploit this vulnerability, an attacker needs physical access to the victim's machine. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerabili

CVE-2024-49101 [MEDIUM] CWE-125 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Wireless Wide Area Network Service: Windows Wireless Wide Area Network Service Microsoft: Microsoft Custo

CVE-2024-49087 [MEDIUM] CWE-20 Windows Mobile Broadband Driver Information Disclosure Vulnerability Windows Mobile Broadband Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physi