CVE-2024-26195
Published: 09 April 2024
Summary
CVE-2024-26195 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.2 (High).
Operationally, it ranks in the top 8.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-26195 is a remote code execution vulnerability in the DHCP Server Service. It carries a CVSS 3.1 base score of 7.2 and is associated with CWE-122.
An attacker with high privileges can exploit the flaw remotely over a network with low attack complexity and without user interaction, resulting in full compromise of confidentiality, integrity, and availability on the affected system.
Microsoft Security Response Center advisories for this CVE direct administrators to apply the patches referenced in the update guide.
The associated EPSS score has remained flat since disclosure: its peak and current values are both 0.0641, indicating no material increase in observed exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-23471
Vulnerability details
DHCP Server Service Remote Code Execution Vulnerability
- CWE(s): CWE-122
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.