CVE-2024-43475: Microsoft Windows Admin Center Information Disclosure Vulnerability

Overview

Severity: High (CVSS 7.3)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
Category: Information Disclosure
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2024-Sep
Released: 2024-09-10
EPSS Score: 8.73% (percentile: 92.5%)

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
This attack requires an admin user on the client to connect to a malicious server and then take specific actions which could result in information disclosure.

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
The attacker must have permissions to access the target domain environment to be able to exploit this vulnerability.

What type of information could be disclosed by this vulnerability?
An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server.

Affected Products (4)

ESU

  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Security Updates (2)

Acknowledgments

Fangming Gu (https://twitter.com/afang5472), Qinghe Xie (https://twitter.com/afang5472)

Revision History

  • 2024-09-10: Information published.