CVE-2024-38214

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 13, 2024
Updated: Aug 15, 2024
CWE ID 125

Summary

CVE-2024-38214 is a newly disclosed vulnerability affecting the Windows Routing and Remote Access Service (RRAS). This issue allows unauthenticated attackers to obtain sensitive information through specific RRAS packets. Successful exploitation could lead to the disclosure of RRAS configuration data, potentially enabling further attacks. Microsoft is currently working on a patch to address this vulnerability. Until then, organizations are advised to implement workarounds and heightened security measures to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Windows Server 2022
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019

Affected Vendors

  • Microsoft