CVE-2024-20682 | THREATINT

Description

Windows Cryptographic Services Remote Code Execution Vulnerability

Reserved 2023-11-28 | Published 2024-01-09 | Updated 2024-12-31 | Assigner microsoft

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-822: Untrusted Pointer Dereference

Product status

10.0.17763.0 before 10.0.17763.5329

affected

10.0.0 before 10.0.17763.5329

affected

10.0.17763.0 before 10.0.17763.5329

affected

10.0.17763.0 before 10.0.17763.5329

affected

10.0.20348.0 before 10.0.20348.2227

affected

10.0.0 before 10.0.22000.2713

affected

10.0.19043.0 before 10.0.19044.3930

affected

10.0.22621.0 before 10.0.22621.3007

affected

10.0.19045.0 before 10.0.19045.3930

affected

10.0.22631.0 before 10.0.22631.3007

affected

10.0.22631.0 before 10.0.22631.3007

affected

10.0.25398.0 before 10.0.25398.643

affected

10.0.10240.0 before 10.0.10240.20402

affected

10.0.14393.0 before 10.0.14393.6614

affected

10.0.14393.0 before 10.0.14393.6614

affected

10.0.14393.0 before 10.0.14393.6614

affected

6.2.9200.0 before 6.2.9200.24664

affected

6.2.9200.0 before 6.2.9200.24664

affected

6.3.9600.0 before 6.3.9600.21765

affected

6.3.9600.0 before 6.3.9600.21765

affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20682 (Windows Cryptographic Services Remote Code Execution Vulnerability) vendor-advisory

cve.org (CVE-2024-20682)

nvd.nist.gov (CVE-2024-20682)

Download JSON