CVE-2024-43533: Remote Desktop Client Remote Code Execution Vulnerability

Overview

Severity

High (CVSS 8.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2024-Oct

Released

2024-10-08

EPSS Score

4.16% (percentile: 88.7%)

FAQ

How could an attacker exploit this vulnerability? In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.

Affected Products (12)

Windows

• Remote Desktop client for Windows Desktop
• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows 11 version 21H2 for x64-based Systems
• Windows 11 version 21H2 for ARM64-based Systems
• Windows 11 Version 22H2 for ARM64-based Systems
• Windows 11 Version 22H2 for x64-based Systems
• Windows 11 Version 23H2 for ARM64-based Systems
• Windows 11 Version 23H2 for x64-based Systems
• Windows Server 2022, 23H2 Edition (Server Core installation)
• Windows 11 Version 24H2 for ARM64-based Systems
• Windows 11 Version 24H2 for x64-based Systems

Security Updates (6)

• Release Notes
• 5044281
• 5044280
• 5044285
• 5044288
• 5044284

Acknowledgments

Anonymous, <a href="https://twitter.com/mas0nshi">YingQi Shi (@Mas0n)</a> with <a href="https://www.dbappsecurity.com.cn/product/cloud250.html">DBAPPSecurity WeBin Lab</a> and <a href="https://twitter.com/Y1nKoc">Minghao Lin(@Y1nKoc)</a>

Revision History

• 2024-10-08: Information published.