CVE-2024-30092
Improper Input Validation (CWE-20)
Published: Oct 8, 2024

010

CVSS 8EPSS 0.04%High

CVE info copied to clipboard

Summary

Windows Hyper-V Remote Code Execution Vulnerability. This vulnerability has a CVSS v3.1 base score of 8.0, indicating a high severity. The attack vector is adjacent network, with high attack complexity, low privileges required, and no user interaction needed. The scope is changed, and the impact on confidentiality, integrity, and availability is high.

Impact

If exploited, this vulnerability could allow an attacker to execute arbitrary code on the target system. The high impact on confidentiality, integrity, and availability suggests that successful exploitation could lead to unauthorized access to sensitive information, manipulation of data or system settings, and potential disruption of services. Given that it affects Windows Hyper-V, it could potentially compromise the security of virtual machines and the hypervisor, which is particularly concerning in virtualized environments.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. Microsoft released an update to address this vulnerability on October 8, 2024. Security teams should prioritize applying this patch to affected systems.

Mitigation

1. Apply the security update provided by Microsoft as soon as possible. 2. Implement network segmentation to limit the exposure of Hyper-V hosts to potential adjacent network attacks. 3. Ensure that only trusted users have low-level privileges on systems running Hyper-V. 4. Monitor Hyper-V systems for unusual activities or unauthorized access attempts. 5. Keep all Windows systems, especially those running Hyper-V, up to date with the latest security patches. 6. Consider implementing additional security controls such as intrusion detection systems (IDS) or intrusion prevention systems (IPS) to detect and prevent potential exploitation attempts.

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

Timeline

CVSS

A CVSS base score of 8 has been assigned.

Oct 8, 2024 at 5:40 PM / microsoft

First Article

Feedly found the first article mentioning CVE-2024-30092. See article

Oct 8, 2024 at 5:41 PM / CVE | THREATINT - NEW.RSS

Threat Intelligence Report

CVE-2024-30092 is a remote code execution (RCE) vulnerability with an important severity rating and a CVSSv3 score of 8. There is no information provided regarding exploitation in the wild, proof-of-concept exploits, mitigations, detections, patches, or downstream impacts to other third-party vendors or technology. Further investigation is needed to assess the full implications and available defenses against this vulnerability. See article

Oct 8, 2024 at 6:13 PM

CVE Assignment

NVD published the first details for CVE-2024-30092

Oct 8, 2024 at 6:15 PM

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 8, 2024 at 11:10 PM

EPSS

EPSS Score was set to: 0.04% (Percentile: 9.7%)

Oct 9, 2024 at 10:29 AM

EPSS

EPSS Score was set to: 0.04% (Percentile: 10.2%)