CVE-2024-38214
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Aug 13, 2024
Updated: Aug 15, 2024
CWE ID 125
Summary
CVE-2024-38214 is a newly disclosed vulnerability affecting the Windows Routing and Remote Access Service (RRAS). This issue allows unauthenticated attackers to obtain sensitive information through specific RRAS packets. Successful exploitation could lead to the disclosure of RRAS configuration data, potentially enabling further attacks. Microsoft is currently working on a patch to address this vulnerability. Until then, organizations are advised to implement workarounds and heightened security measures to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Windows Server 2022
- Microsoft Windows Server 2008
- Microsoft Windows Server 2012
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
Affected Vendors
- Microsoft