CVE-2024-49113

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 12, 2024
CWE ID 125

Summary

CVE-2024-49113 is a newly disclosed Denial of Service (DoS) vulnerability affecting Windows Lightweight Directory Access Protocol (LDAP). Malicious actors can exploit this weakness by sending specially crafted LDAP packets to an affected system. The vulnerability does not involve authentication bypass or data exposure, but it can cause the LDAP service to crash, leading to a denial of service condition. Microsoft is working on a patch to address this issue, and users are advised to apply it as soon as it becomes available. In the meantime, implementing network security controls to block the malicious traffic is recommended.

Affected Products

  • Microsoft Windows 11
  • Microsoft Windows Server 2008
  • Microsoft Windows
  • Microsoft Windows Server

Affected Vendors

  • Microsoft