CVE-2024-43468

Microsoft Configuration Manager Remote Code Execution Vulnerability

CVSS 9.8 CRITICAL | EPSS 60.7% | KEV | CWE-89

In short

A critical flaw in Microsoft Configuration Manager allows attackers to execute arbitrary code remotely without needing special permissions. This vulnerability enables complete system compromise through SQL injection techniques.

Technical detail

SQL injection vulnerability (CWE-89) in Microsoft Configuration Manager permits unauthenticated remote code execution with no user interaction required. The attack exploits improper input validation in database queries, allowing attackers to inject malicious SQL commands and execute arbitrary code with SYSTEM privileges.

Summary generated and translated by AI from the official description.
Microsoft Configuration Manager Remote Code Execution Vulnerability
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
