Description
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Reserved 2023-11-28 | Published 2024-04-09 | Updated 2025-01-23 | Assigner
microsoftHIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
Product status
10.0.17763.0 before 10.0.17763.5696
affected
10.0.0 before 10.0.17763.5696
affected
10.0.17763.0 before 10.0.17763.5696
affected
10.0.17763.0 before 10.0.17763.5696
affected
10.0.20348.0 before 10.0.20348.2402
affected
10.0.0 before 10.0.22000.2899
affected
10.0.19043.0 before 10.0.19044.4291
affected
10.0.22621.0 before 10.0.22621.3447
affected
10.0.19045.0 before 10.0.19045.4291
affected
10.0.22631.0 before 10.0.22631.3447
affected
10.0.22631.0 before 10.0.22631.3447
affected
10.0.25398.0 before 10.0.25398.830
affected
10.0.10240.0 before 10.0.10240.20596
affected
10.0.14393.0 before 10.0.14393.6897
affected
10.0.14393.0 before 10.0.14393.6897
affected
10.0.14393.0 before 10.0.14393.6897
affected
6.0.6003.0 before 6.0.6003.22618
affected
6.0.6003.0 before 6.0.6003.22618
affected
6.0.6003.0 before 6.0.6003.22618
affected
6.1.7601.0 before 6.1.7601.27067
affected
6.1.7601.0 before 6.1.7601.27067
affected
6.2.9200.0 before 6.2.9200.24821
affected
6.2.9200.0 before 6.2.9200.24821
affected
6.3.9600.0 before 6.3.9600.21924
affected
6.3.9600.0 before 6.3.9600.21924
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20678 (Remote Procedure Call Runtime Remote Code Execution Vulnerability) vendor-advisory
cve.org (CVE-2024-20678)
nvd.nist.gov (CVE-2024-20678)
Download JSON