CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-43639

CVSS 9.8v3.1pub. 2024-11-12upd. 2024-11-18

Windows KDC Proxy Remote Code Execution Vulnerability

🤖 AI Analysis
How it works

The vulnerability affects the KDC Proxy service (Kerberos Key Distribution Center Proxy), which mediates Kerberos communication over the network. An attacker can remotely, without any authentication and user interaction, send a specially crafted request to the KDC Proxy service, leading to arbitrary code execution on the vulnerable server. The network attack vector with low attack complexity indicates that exploiting this vulnerability is relatively simple.

Impact

An attacker can gain full control over the vulnerable system — steal confidential data, modify files, and disrupt service operations (violation of confidentiality, integrity, and availability).

Mitigation & patch

Security updates released by Microsoft as part of November 2024 Patch Tuesday should be applied immediately, in accordance with references available at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43639. As a temporary measure, consider restricting network access to the KDC Proxy service to trusted hosts only.

Who is affected

Microsoft Windows Server 2012, Windows Server 2016, Windows Server 2019, Windows Server 2022 — detailed information about affected versions available in vendor references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Windows Server 2012

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2016

    OS
    Microsoft
    < 10.0.14393.7515
  • Microsoft Windows Server 2019

    OS
    Microsoft
    < 10.0.17763.6532
  • Microsoft Windows Server 2022

    OS
    Microsoft
    < 10.0.20348.2849
  • Microsoft Windows Server 2022 23h2

    OS
    Microsoft
    < 10.0.25398.1251
  • Microsoft Windows Server 2025

    OS
    Microsoft
    < 10.0.26100.2314
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2020-1350CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...

CVE-2020-1040CRITICAL9.0⚠ KEVten sam produkt

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...

CVE-2020-0646CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...

CVE-2017-8543CRITICAL9.8⚠ KEVten sam produkt

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows S...