CVE-2024-43581

External Control of File Name or Path (CWE-73)

Published: Oct 8, 2024

010
CVSS 7.1EPSS 0.05%High
CVE info copied to clipboard

Summary

Microsoft OpenSSH for Windows has a Remote Code Execution Vulnerability. This vulnerability is associated with External Control of File Name or Path (CWE-73). It affects various versions of Windows, including Windows Server 2019, Windows 11, Windows 10, and Windows Server 2022 across different architectures (x86, x64, arm64).

Impact

This vulnerability allows an attacker to potentially execute arbitrary code remotely on the affected systems. The vulnerability has a high impact on confidentiality, integrity, and availability of the affected systems. The attack vector is network-based, requiring low privileges and user interaction. While the attack complexity is high, successful exploitation could lead to significant compromise of the system.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

Patches are available. Microsoft has released updates to address this vulnerability. The patch was initially added on 2024-10-08 and updated on 2024-10-16. Users should update their systems to the following versions or later: - Windows Server 2019: 10.0.17763.6414 - Windows 11 24H2: 10.0.26100.2033 - Windows 10 22H2: 10.0.19045.5011 - Windows 11 23H2: 10.0.22631.4317 - Windows Server 2022 23H2: 10.0.25398.1189 - Windows 10 21H2: 10.0.19044.5011 - Windows 11 22H2: 10.0.22621.4317 - Windows 10 1809: 10.0.17763.6414 - Windows 11 21H2: 10.0.22000.3260 - Windows Server 2022: 10.0.20348.2762

Mitigation

1. Apply the latest security updates provided by Microsoft for the affected Windows versions. 2. Implement network segmentation and limit exposure of systems running OpenSSH for Windows. 3. Monitor and audit SSH access and activities. 4. Implement the principle of least privilege for user accounts. 5. Keep systems and software up-to-date with the latest security patches. 6. Use strong authentication methods for SSH access, such as key-based authentication. 7. Implement and maintain robust logging and monitoring systems to detect potential exploitation attempts.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Timeline

CVSS

A CVSS base score of 7.1 has been assigned.

Oct 8, 2024 at 5:40 PM / microsoft
First Article

Feedly found the first article mentioning CVE-2024-43581. See article

Oct 8, 2024 at 5:41 PM / CVE | THREATINT - NEW.RSS
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 8, 2024 at 5:41 PM
CVE Assignment

NVD published the first details for CVE-2024-43581

Oct 8, 2024 at 6:15 PM
Threat Intelligence Report

CVE-2024-43581 is a critical remote code execution vulnerability in Microsoft OpenSSH for Windows, which could allow attackers to execute arbitrary code on the target server. The details provided do not specify a CVSS score, evidence of exploitation in the wild, proof-of-concept exploits, or available mitigations and patches. Additionally, there is no information regarding downstream impacts on other third-party vendors or technologies. See article

Oct 8, 2024 at 7:24 PM
EPSS

EPSS Score was set to: 0.05% (Percentile: 20.1%)

Oct 9, 2024 at 10:29 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 5.2%)

Nov 19, 2024 at 6:13 AM
Static CVE Timeline Graph

Affected Systems

Microsoft/windows_server_2022
+null more

Patches

Microsoft
+null more

Links to Mitre Att&cks

T1562.003: Impair Command History Logging
+null more

Attack Patterns

CAPEC-13: Subverting Environment Variable Values
+null more

References

October 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
Role: Windows Hyper-V CVE-2024-20659 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C Exploitation Less Likely Yes No No Windows Hyper-V CVE-2024-30092 8.0 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows EFI Partition CVE-2024-37976 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel CVE-2024-37979 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows EFI Partition CVE-2024-37982 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows EFI Partition CVE-2024-37983 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No OpenSSH for Windows CVE-2024-38029 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure Monitor CVE-2024-38097 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C Exploitation Unlikely Yes No No Windows Netlogon CVE-2024-38124 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Windows Kerberos CVE-2024-38129 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No BranchCache CVE-2024-38149 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Azure Stack CVE-2024-38179 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Routing and Remote Access Service (RRAS) CVE-2024-38212 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No .NET and Visual Studio CVE-2024-38229 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-38261 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38262 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-38265 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43453 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Services CVE-2024-43456 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Configuration Manager CVE-2024-43468 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes Yes No Service Fabric CVE-2024-43480 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Power BI CVE-2024-43481 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No .NET, .NET Framework, Visual Studio CVE-2024-43483 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No .NET, .NET Framework, Visual Studio CVE-2024-43484 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No .NET and Visual Studio CVE-2024-43485 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Visual Studio Code CVE-2024-43488 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No DeepSpeed CVE-2024-43497 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Resilient File System (ReFS) CVE-2024-43500 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Common Log File System Driver CVE-2024-43501 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel CVE-2024-43502 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Office SharePoint CVE-2024-43503 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office Excel CVE-2024-43504 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office Visio CVE-2024-43505 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No BranchCache CVE-2024-43506 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Microsoft Graphics Component CVE-2024-43508 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Graphics Component CVE-2024-43509 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Kernel CVE-2024-43511 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Standards-Based Storage Management Service CVE-2024-43512 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows BitLocker CVE-2024-43513 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows NTFS CVE-2024-43514 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Internet Small Computer Systems Interface (iSCSI) CVE-2024-43515 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Secure Kernel Mode CVE-2024-43516 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft ActiveX CVE-2024-43517 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Telephony Server CVE-2024-43518 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft WDAC OLE DB provider for SQL CVE-2024-43519 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel CVE-2024-43520 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Role: Windows Hyper-V CVE-2024-43521 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Local Security Authority (LSA) CVE-2024-43522 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43523 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43524 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43525 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43526 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel CVE-2024-43527 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Kernel Mode CVE-2024-43528 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Print Spooler Components CVE-2024-43529 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No RPC Endpoint Mapper Service CVE-2024-43532 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Remote Desktop Client CVE-2024-43533 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Microsoft Graphics Component CVE-2024-43534 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel-Mode Drivers CVE-2024-43535 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43536 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43537 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43538 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43540 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Simple Certificate Enrollment Protocol CVE-2024-43541 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Mobile Broadband CVE-2024-43542 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43543 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Simple Certificate Enrollment Protocol CVE-2024-43544 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Online Certificate Status Protocol (OCSP) CVE-2024-43545 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Cryptographic Services CVE-2024-43546 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kerberos CVE-2024-43547 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43549 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Channel CVE-2024-43550 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Storage CVE-2024-43551 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Shell CVE-2024-43552 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows NT OS Kernel CVE-2024-43553 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel-Mode Drivers CVE-2024-43554 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43555 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Graphics Component CVE-2024-43556 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Mobile Broadband CVE-2024-43557 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43558 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mobile Broadband CVE-2024-43559 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Storage Port Driver CVE-2024-43560 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Mobile Broadband CVE-2024-43561 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Network Address Translation (NAT) CVE-2024-43562 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Ancillary Function Driver for WinSock CVE-2024-43563 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43564 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Network Address Translation (NAT) CVE-2024-43565 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Role: Windows Hyper-V CVE-2024-43567 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Kernel CVE-2024-43570 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Sudo for Windows CVE-2024-43571 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Microsoft Management Console CVE-2024-43572 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C Exploitation Detected Yes No No Windows MSHTML Platform CVE-2024-43573 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C Exploitation Detected Yes No No Microsoft Windows Speech CVE-2024-43574 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Role: Windows Hyper-V CVE-2024-43575 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Microsoft Office CVE-2024-43576 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes OpenSSH for Windows CVE-2024-43581 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Remote Desktop CVE-2024-43582 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Winlogon CVE-2024-43583 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Scripting CVE-2024-43584 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Code Integrity Guard CVE-2024-43585 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Windows Routing and Remote Access Service (RRAS) CVE-2024-43589 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RC:C Exploitation Less Likely No No No Visual C++ Redistributable Installer CVE-2024-43590 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure CLI CVE-2024-43591 8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43592 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43593 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Remote Desktop Client CVE-2024-43599 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Visual Studio Code CVE-2024-43601 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Visual Studio CVE-2024-43603 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Outlook for Android CVE-2024-43604 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43607 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Routing and Remote Access Service (RRAS) CVE-2024-43608 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office CVE-2024-43609 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation More Likely Yes No Yes Windows Routing and Remote Access Service (RRAS) CVE-2024-43611 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Power BI CVE-2024-43612 6.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Defender for Endpoint CVE-2024-43614 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely No No No OpenSSH for Windows CVE-2024-43615 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Office CVE-2024-43616 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No

News

Patch 10 Critical Windows CVEs for October 2024
Similar to CVE-2024-43564, this vulnerability in Windows RRAS allows attackers to execute remote commands, affecting system network configurations. These vulnerabilities, collectively rated as high or critical severity by Microsoft, pose significant risks, including Remote Code Execution (RCE), which could lead to complete system compromise.
Windows October 2024 updates cause OpenSSH issues
Blog reader KAnaguma has reported in this comment that the cumulative update KB5044273 for Windows 10 updates the "OpenSSH_for_Windows_8.1p0" library to "OpenSSH_for_Windows_9.5p1" (is mentioned briefly in the post Microsoft Security Update Summary (October 8, 2024) ). Blog reader KAnaguma writes here that the installation of update KB5044273 causes the recognition of the PIV/PKCS11 certificate on a Yubikey used by the user for authentication to stop working.
Patch Tuesday October 2024: Counting Down to Windows 10 EoS, While Internet Explorer Lives
The long tail of Internet Explorer reappears in this month’s Microsoft Patch Tuesday release as we hit the one year mark for the impending Windows 10 end of support. A multi-month issue with Remote Desktop Gateway services crashing on Windows Servers since July’s security updates has also been addressed this month, so any teams that have put in place deferments to preserve Remote Desktop functionality should be quickly evaluating moving forward in light of this month’s updates to close multiple vulnerabilities.
October 2024 – Microsoft patch tuesday highlights
Spoofing, Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Security Feature Bypass, and Remote Code Execution (RCE) are among the vulnerabilities that Microsoft has addressed in various software products. Microsoft Configuration Manager Remote Code Execution Vulnerability
MS Family October 2024 Routine Security Update Advisory
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
See 35 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:High
Privileges Required:Low
User Interaction:Required
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI