CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-38074

CVSS 9.8v3.1pub. 2024-07-09upd. 2024-11-21

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

🤖 AI Analysis
How it works

The vulnerability results from an integer underflow error (CWE-191) in the Remote Desktop Licensing Service. An attacker can send a specially crafted network request to the vulnerable server without needing any privileges or user interaction. The attack vector is network-based, and attack complexity is rated as low, meaning the exploit can be performed in a repeatable and reliable manner.

Impact

Successful exploitation of the vulnerability allows an attacker to execute arbitrary code remotely on the server with service privileges, which may lead to full system takeover, data leakage, and compromise of server integrity and availability.

Mitigation & patch

Apply patches available from the vendor according to references — updates were published by Microsoft as part of Patch Tuesday on July 9, 2024. Detailed information available at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38074. As a temporary measure, it is recommended to restrict network access to the Remote Desktop Licensing Service only to trusted hosts.

Who is affected

Microsoft Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019 — affects systems with active Remote Desktop Licensing Service; detailed version lists indicated in vendor references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Windows Server 2008

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2012

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2016

    OS
    Microsoft
    < 10.0.14393.7159
  • Microsoft Windows Server 2019

    OS
    Microsoft
    < 10.0.17763.6054
  • Microsoft Windows Server 2022

    OS
    Microsoft
    < 10.0.20348.2582
  • Microsoft Windows Server 2022 23h2

    OS
    Microsoft
    < 10.0.25398.1009
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2020-1350CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...

CVE-2020-1040CRITICAL9.0⚠ KEVten sam produkt

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...

CVE-2020-0646CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...

CVE-2019-0708CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...