CVE-2024-30083
Published: 11 June 2024
Summary
CVE-2024-30083 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 7.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-30083 is a denial-of-service vulnerability in the Windows Standards-Based Storage Management Service. The flaw received a CVSS v3.1 base score of 7.5 and is associated with CWE-121. It affects the service component responsible for storage management operations on supported Windows systems.
An unauthenticated attacker can exploit the issue over the network without user interaction or credentials. Successful exploitation results in a high-impact denial of service that disrupts availability of the affected service while leaving confidentiality and integrity intact.
Microsoft has published guidance for the vulnerability through its Security Response Center at the listed reference URL, which includes details on available updates and recommended remediation steps for affected Windows installations. No information is provided on observed in-the-wild exploitation, and the EPSS score has remained flat at 0.0861.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-28020
Vulnerability details
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.