Windows TCP/IP Remote Code Execution Vulnerability
Released: Aug 13, 2024
Last updated: Sep 10, 2024
- Assigning CNA
- Microsoft
- CVE.org link
- CVE-2024-38063
- Impact
- Remote Code Execution
- Max Severity
- Critical
- Weakness
- CVSS Source
- Microsoft
- Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
- Metrics
- CVSS:3.1 9.8 / 8.5Base score metrics: 9.8 / Temporal score metrics: 8.5
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Exploit Code Maturity
Unproven
Remediation Level
Official Fix
Report Confidence
Confirmed
Please see Common Vulnerability Scoring System for more information on the definition of these metrics.
Exploitability
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
- Publicly disclosed
- No
- Exploited
- No
- Exploitability assessment
- Exploitation More Likely
Mitigations
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:
- Systems are not affected if IPv6 is disabled on the target machine.
FAQ
How could an attacker exploit this vulnerability?
An unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution.
Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?
The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.
Acknowledgements
- Wei in Kunlun Lab with Cyber KunLun
Security Updates
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle.
- 10.0.26100.1457
- 10.0.26100.1457
- 6.3.9600.22134
- 6.3.9600.22134
- 6.2.9200.25031
- 6.2.9200.25031
- 6.1.7601.27277
- 6.1.7601.27277
- 6.1.7601.27277
- 6.1.7601.27277
- 6.0.6003.22825
- 6.0.6003.22825
- 6.0.6003.22825
- 6.0.6003.22825
- 6.0.6003.22825
- 6.0.6003.22825
- 6.0.6003.22825
- 6.0.6003.22825
- 10.0.14393.7259
- 10.0.14393.7259
- 10.0.14393.7259
- 10.0.14393.7259
- 10.0.10240.20751
- 10.0.10240.20751
- 10.0.25398.1085
- 10.0.22631.4037
- 10.0.22631.4037
- 10.0.19045.4780
- 10.0.19045.4780
- 10.0.19045.4780
- 10.0.22621.4037
- 10.0.22621.4037
- 10.0.19044.4780
- 10.0.19044.4780
- 10.0.19044.4780
- 10.0.22000.3197
Disclaimer
Revisions
To comprehensively address CVE-2024-38063, Microsoft has released September 2024 security updates for all affected versions of Windows 10 Version 1809, Windows Server 2019, Windows Server 2022, and Windows 11 Version 21H2. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
Information published.