Description
Windows Remote Desktop Services Remote Code Execution Vulnerability
Reserved 2024-10-11 | Published 2024-12-10 | Updated 2025-01-21 | Assigner
microsoftHIGH: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-591: Sensitive Data Storage in Improperly Locked Memory
CWE-416: Use After Free
Product status
10.0.17763.0 before 10.0.17763.6659
affected
10.0.17763.0 before 10.0.17763.6659
affected
10.0.20348.0 before 10.0.20348.2966
affected
10.0.26100.0 before 10.0.26100.2605
affected
10.0.25398.0 before 10.0.25398.1308
affected
10.0.26100.0 before 10.0.26100.2605
affected
10.0.14393.0 before 10.0.14393.7606
affected
10.0.14393.0 before 10.0.14393.7606
affected
6.2.9200.0 before 6.2.9200.25222
affected
6.2.9200.0 before 6.2.9200.25222
affected
6.3.9600.0 before 6.3.9600.22318
affected
6.3.9600.0 before 6.3.9600.22318
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49128 (Windows Remote Desktop Services Remote Code Execution Vulnerability) vendor-advisory
cve.org (CVE-2024-49128)
nvd.nist.gov (CVE-2024-49128)
Download JSON
Subscribe to our newsletter to learn more about our work.