Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2024-7344 [HIGH] Cert CC: CVE-2024-7344 Howyar Taiwan Secure Boot Bypass Cert CC: CVE-2024-7344 Howyar Taiwan Secure Boot Bypass Description: This CVE was assigned by CERT CC. The purpose of this document is to attest to the fact that the products listed in the Security Updates table have been updated to protect against this vulnerability. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerab

CVE-2025-21242 [MEDIUM] CWE-200 Windows Kerberos Information Disclosure Vulnerability Windows Kerberos Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. FAQ: According to the CVSS metric, the attack complexity is high (AC:H

CVE-2025-21318 [MEDIUM] CWE-532 Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of kernel memory could be potentially leveraged by an attacker for other malicious activities. Windows Kernel Memory: Windows Kernel Memory Micr

CVE-2025-21225 [MEDIUM] CWE-843 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows Remote Desktop Services: Windows Remote Desktop Services Microsoft: Microsoft Customer Action R

CVE-2025-21312 [LOW] CWE-908 Windows Smart Card Reader Information Disclosure Vulnerability Windows Smart Card Reader Information Disclosure Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability? An attacker who successfully exploited the vulnerability could view some sensitive information (Confidenti

CVE-2024-49128 [HIGH] CWE-591 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability Description: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by attempting to connect to a system with the Remote Des

CVE-2024-49079 [HIGH] CWE-416 Input Method Editor (IME) Remote Code Execution Vulnerability Input Method Editor (IME) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an

CVE-2024-49076 [HIGH] CWE-287 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability FAQ: What privileges would an attacker gain by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could load a non-Microsoft DLL into an enclave, potentially leading to code execution within the context of the target enclave. Windows Virtu

CVE-2024-49075 [HIGH] CWE-400 Windows Remote Desktop Services Denial of Service Vulnerability Windows Remote Desktop Services Denial of Service Vulnerability Windows Remote Desktop Services: Windows Remote Desktop Services Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5048661 Refer

CVE-2024-49107 [HIGH] CWE-59 WmsRepair Service Elevation of Privilege Vulnerability WmsRepair Service Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would be able to delete any system files. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? An authorized attacker must send the user a malicious

CVE-2024-49117 [HIGH] CWE-393 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: How would an attacker exploit this vulnerability? This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does t

CVE-2024-49119 [HIGH] CWE-843 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by connect

CVE-2024-49086 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain c

CVE-2024-49115 [HIGH] CWE-591 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by connect

CVE-2024-49114 [HIGH] CWE-820 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Cloud Files Mini Filter Driver: Windows Cloud Files Mini Filter Driver Microsoft: Microsoft Customer Action Required: Y

CVE-2024-49097 [HIGH] CWE-591 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully

CVE-2024-49132 [HIGH] CWE-591 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by connecting to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code. FAQ: According to the CVSS metric, t

CVE-2024-49129 [HIGH] CWE-400 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability FAQ: How could an attacker exploit the vulnerability? An unauthenticated attacker could exploit the vulnerability by connecting to a Remote Desktop server and then sending a malicious http request to the server. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vu

CVE-2024-49106 [HIGH] CWE-591 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by connect

CVE-2024-49125 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain c