Security researchers have published a PoC for DoS vulnerability CVE-2024-49113 and additional information on their attempts to exploit RCE vulnerability CVE-2024-49112
Summary
Security researchers have published a PoC for DoS vulnerability CVE-2024-49113 and additional information on their attempts to exploit RCE vulnerability CVE-2024-49112
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Security researchers have published proof-of-concept (PoC) exploit code for CVE-2024-49113, which is a denial-of-service (DoS) vulnerability in the Microsoft Windows Lightweight Directory Access Protocol (LDAP). The PoC can reportedly be used by a remote attacker to crash any Windows Server, creating a DoS condition.
Additionally, the researchers have described technical details about their attempts to create a PoC for LDAP remote code execution (RCE) vulnerability CVE-2024-49112.
Vulnerability details
CVE-2024-49112 is a remote code execution vulnerability in Windows and Windows Server with a CVSSv3 score of 9.8. Successful exploitation could allow an unauthenticated attacker, using a specially crafted set of LDAP calls, to execute arbitrary code within the context of the LDAP service.
CVE-2024-49113 is a denial-of-service (DoS) vulnerability in Windows and Windows Server with a CVSSv3 score of 7.5. An unauthenticated, remote attacker could exploit this vulnerability to create a denial-of-service condition.
Remediation advice
Affected organisations are encouraged to review Microsoft's security advisories for CVE-2024-49112 and CVE-2024-49113 and apply the relevant updates as soon as practicable.
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 3 January 2025 1:29 pm