Improper access control in Microsoft Windows Remote Desktop Services

Published: 2024-10-09

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2024-43456
CWE-ID	CWE-284
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Windows Server Operating systems & Components / Operating system
Vendor	Microsoft

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Improper access control

EUVDB-ID: #VU98251

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-43456

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in Windows Remote Desktop Services. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows Server: before 2008 R2 6.1.7601.27366, 2012 R2 6.3.9600.22221, 2012 6.2.9200.25118, 2016 10.0.14393.7428, 2019 10.0.17763.6414, 2022 10.0.20348.2762, 2022 23H2 10.0.25398.1189, 2008 R2 6.1.7601.27366, 2008 R2 6.1.7601.27366, 2008 R2 6.1.7601.27366, 2008 R2 6.1.7601.27366

CPE2.3

cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:

External links

http://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43456

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.