CVE-2024-49129: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Overview

Severity

High (CVSS 7.5)

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Denial of Service

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2024-Dec

Released

2024-12-10

EPSS Score

0.34% (percentile: 56.8%)

FAQ

How could an attacker exploit the vulnerability? An unauthenticated attacker could exploit the vulnerability by connecting to a Remote Desktop server and then sending a malicious http request to the server. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.

Affected Products (13)

Windows

• Windows Server 2019
• Windows Server 2019 (Server Core installation)
• Windows Server 2022
• Windows Server 2022 (Server Core installation)
• Windows Server 2025 (Server Core installation)
• Windows Server 2022, 23H2 Edition (Server Core installation)
• Windows Server 2025
• Windows Server 2016
• Windows Server 2016 (Server Core installation)

ESU

• Windows Server 2012
• Windows Server 2012 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 R2 (Server Core installation)

Security Updates (9)

• 5048661
• 5048654
• 5048800
• 5048667
• 5048794
• 5048653
• 5048671
• 5048699
• 5048735

Acknowledgments

<a href="https://twitter.com/keyz3r0">k0shl</a> with <a href="https://www.cyberkl.com/">Kunlun Lab</a>

Revision History

• 2024-12-10: Information published.