CVE-2024-38114

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 16, 2024
CWE ID 122

Summary

CVE-2024-38114 is a newly identified vulnerability affecting the Windows IP Routing Management Snap-in. This issue permits an attacker to execute arbitrary code remotely, potentially leading to a compromise of the targeted system. Exploitation of this vulnerability could be carried out through specially crafted RAS/Dial-up or RRAS remote access sessions. Successful exploitation grants the attacker full control over the affected system. Organizations are strongly advised to apply the forthcoming Microsoft security patch as soon as it becomes available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows
  • Microsoft Windows 11
  • Microsoft Windows Server 2008

Affected Vendors

  • Microsoft