CVE-2024-49091
CVSS 3.1 Score 7.2 of 10 (high)
Details
Summary
CVE-2024-49091 is a newly identified vulnerability affecting the Windows Domain Name Service (DNS). This issue allows an unauthenticated attacker to execute remote code on vulnerable systems, potentially leading to serious security consequences. The vulnerability is exploited by sending specially crafted DNS packets, which can result in arbitrary code execution when processed by the Windows DNS server. Organizations are strongly advised to apply patches or workarounds to mitigate this risk immediately. The exact cause and exploit details are not publicly disclosed, but Microsoft has acknowledged the issue and released a security advisory.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.