Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2024-38129 [HIGH] CWE-285 Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? A

CVE-2024-43514 [HIGH] CWE-415 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publ

CVE-2024-43608 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain c

CVE-2024-43544 [HIGH] CWE-400 Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability Microsoft Simple Certificate Enrollment Protocol: Microsoft Simple Certificate Enrollment Protocol Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog

CVE-2024-20659 [HIGH] CWE-20 Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Successful exploitation of this vulnerability by an attacker requires a user to first reboot their machine. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? This Hypervisor vulnerability relates

CVE-2024-43533 [HIGH] CWE-416 Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client. Remote Desktop Client: Remote Desktop Cli

CVE-2024-43563 [HIGH] CWE-591 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Ancillary Function Driver for WinSock: Windows Ancillary Function Driver for WinSock Microsoft: Microsoft

CVE-2024-43592 [HIGH] CWE-20 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain co

CVE-2024-43545 [HIGH] CWE-400 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP): Windows Online Certificate Status Protocol (OCSP) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Referenc

CVE-2024-43575 [HIGH] CWE-400 Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5044277 Reference: https://support.microsoft.com/help/5044277 Reference:

CVE-2024-43549 [HIGH] CWE-121 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system. FAQ: Accordi

CVE-2024-43567 [HIGH] CWE-770 Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5044277 Reference: https://support.microsoft.com/help/5044277 Reference:

CVE-2024-6197 [HIGH] CWE-590 Hackerone: CVE-2024-6197 Freeing stack buffer in utf8asn1str Hackerone: CVE-2024-6197 Freeing stack buffer in utf8asn1str NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2024-6197 FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires a client to connect to a malicious server, and that could allow the attacker to gain cod

CVE-2024-43582 [HIGH] CWE-416 Remote Desktop Protocol Server Remote Code Execution Vulnerability Remote Desktop Protocol Server Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an unauthenticated attacker would need to send malformed packets to a websocket listening port. This could result in remote code execution on the server side with the same permissions as the websocket service. FAQ: According to the CVSS metric, the

CVE-2024-43589 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS): Windows Routing and Remote Access Service (RRAS) Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: htt

CVE-2024-43551 [HIGH] CWE-59 Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Storage: Windows Storage Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest

CVE-2024-43615 [HIGH] CWE-73 Microsoft OpenSSH for Windows Remote Code Execution Vulnerability Microsoft OpenSSH for Windows Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. FAQ: According to the CVSS metric, privileges required is low (PR:L). What d

CVE-2024-43593 [HIGH] CWE-20 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. Windows Routing and Remote Access Servi

CVE-2024-43552 [HIGH] CWE-416 Windows Shell Remote Code Execution Vulnerability Windows Shell Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim need

CVE-2024-43528 [HIGH] CWE-122 Windows Secure Kernel Mode Elevation of Privilege Vulnerability Windows Secure Kernel Mode Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: Are there additional actions I need to take after installing November 12, 2024 update? This update affects a component of Virtualization-based Secur