CVE-2024-49132

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Dec 12, 2024
CWE ID 416
CWE ID 591

Summary

CVE-2024-49132 is a newly disclosed vulnerability affecting Windows Remote Desktop Services. This issue permits an unauthenticated attacker to execute arbitrary code on a targeted system. Exploitation of this vulnerability can lead to the installation of malware or unauthorized system access, posing a significant risk to organizations and individuals using the Remote Desktop Protocol. Microsoft is urging users to apply the available patch as soon as possible to mitigate this threat. This vulnerability can be exploited through specially crafted RDP packets and does not require user interaction.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows
  • Microsoft Windows 11
  • Microsoft Windows Server

Affected Vendors

  • Microsoft