Description
Windows Remote Desktop Services Remote Code Execution Vulnerability
Reserved 2024-10-11 | Published 2024-12-10 | Updated 2025-01-15 | Assigner
microsoftHIGH: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-453: Insecure Default Variable Initialization
Product status
10.0.17763.0 before 10.0.17763.6775
affected
10.0.17763.0 before 10.0.17763.6775
affected
10.0.20348.0 before 10.0.20348.3091
affected
10.0.26100.0 before 10.0.26100.2894
affected
10.0.25398.0 before 10.0.25398.1369
affected
10.0.26100.0 before 10.0.26100.2894
affected
10.0.14393.0 before 10.0.14393.7699
affected
10.0.14393.0 before 10.0.14393.7699
affected
6.2.9200.0 before 6.2.9200.25222
affected
6.2.9200.0 before 6.2.9200.25222
affected
6.3.9600.0 before 6.3.9600.22371
affected
6.3.9600.0 before 6.3.9600.22371
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49120 (Windows Remote Desktop Services Remote Code Execution Vulnerability) vendor-advisory
cve.org (CVE-2024-49120)
nvd.nist.gov (CVE-2024-49120)
Download JSON
Subscribe to our newsletter to learn more about our work.