CVE-2024-38072
Published: 09 July 2024
Summary
CVE-2024-38072 is a high-severity denial-of-service vulnerability, classified as a NULL Pointer Dereference (CWE-476), in the Remote Desktop Licensing Service of Microsoft Windows Server 2016. Its CVSS base score is 7.5 (High).
Operationally, it ranks in the top 5.5% of CVEs by predicted exploit likelihood (EPSS percentile); it is not currently listed in the CISA KEV catalog.
Deeper analysis
Windows Remote Desktop Licensing Service contains a denial-of-service vulnerability tracked as CVE-2024-38072. The flaw is in the licensing component of Windows Remote Desktop Services and carries a CVSS 3.1 base score of 7.5, reflecting a network-reachable condition that requires neither authentication nor user interaction. The associated weakness identifiers are CWE-476 (NULL Pointer Dereference) and NVD-CWE-noinfo.
An unauthenticated attacker can send specially crafted network traffic to an affected system and trigger a crash or resource exhaustion in the licensing service, causing loss of availability; confidentiality and integrity are unaffected. Because the attack vector is network and the attack complexity is low, any Remote Desktop Licensing instance the attacker can reach over the network is exploitable; hosts that do not run the licensing role are not affected by this issue.
Microsoft’s security advisory at msrc.microsoft.com lists the affected Windows versions and the corresponding security updates that address the issue. Organizations are advised to apply the updates through their normal update channels to remove the denial-of-service condition. The EPSS score has stayed near 0.14, peaking at 0.1436, which indicates limited observed exploitation interest to date.
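The condition that matters for this CVE is whether a host actually runs the Remote Desktop Licensing Service and exposes it on the network before the July 2024 updates are installed. The following PowerShell triage script is an added example, not part of the advisory or of this page; it assumes the service is registered as TermServLicensing and the role feature as RDS-Licensing, and it uses a date heuristic (updates installed on or after the 09 July 2024 release date) rather than a specific KB number, because the page names none.

```powershell
# Added example: triage a Windows host for CVE-2024-38072 exposure.
# Assumptions (not from the advisory): service name 'TermServLicensing',
# role feature 'RDS-Licensing'. The hotfix check is a heuristic keyed to the
# 09 July 2024 release date, not a check for a specific KB.
#Requires -RunAsAdministrator

$svcName   = 'TermServLicensing'
$patchDate = [datetime]'2024-07-09'

$result = [ordered]@{
    Host                 = $env:COMPUTERNAME
    RoleInstalled        = $false
    ServiceStatus        = 'NotPresent'
    ListeningEndpoints   = @()
    UpdatesSincePatchDay = 0
}

# 1. Is the RD Licensing role installed? (Get-WindowsFeature exists on Server SKUs only.)
if (Get-Command Get-WindowsFeature -ErrorAction SilentlyContinue) {
    $feat = Get-WindowsFeature -Name 'RDS-Licensing' -ErrorAction SilentlyContinue
    $result.RoleInstalled = [bool]($feat -and $feat.Installed)
}

# 2. Service state and the TCP endpoints its hosting process listens on.
#    Caveat: if the service shares an svchost process, other services' ports
#    will appear here too; treat the list as an upper bound on exposure.
$svc = Get-CimInstance Win32_Service -Filter "Name='$svcName'" -ErrorAction SilentlyContinue
if ($svc) {
    $result.ServiceStatus = $svc.State
    if ($svc.State -eq 'Running' -and $svc.ProcessId) {
        $result.ListeningEndpoints = @(
            Get-NetTCPConnection -OwningProcess $svc.ProcessId -State Listen -ErrorAction SilentlyContinue |
                ForEach-Object { "$($_.LocalAddress):$($_.LocalPort)" } |
                Sort-Object -Unique
        )
    }
}

# 3. Heuristic: any updates installed on or after the July 2024 release date?
#    Get-HotFix may return entries with a null InstalledOn; those compare as false.
$result.UpdatesSincePatchDay = @(Get-HotFix | Where-Object { $_.InstalledOn -ge $patchDate }).Count

[pscustomobject]$result | Format-List

# Decision: a running, network-listening licensing service on a host with no
# updates since the release date is the case the advisory's DoS applies to.
if ($result.ServiceStatus -eq 'Running' -and
    $result.ListeningEndpoints.Count -gt 0 -and
    $result.UpdatesSincePatchDay -eq 0) {
    Write-Warning ("RD Licensing is running and network-reachable with no updates since {0}; " +
                   "apply the July 2024 update or restrict network access to the service.") -f $patchDate.ToShortDateString()
}
elseif ($result.ServiceStatus -eq 'NotPresent' -and -not $result.RoleInstalled) {
    Write-Host "RD Licensing role not present; this host is not in scope for CVE-2024-38072."
}
```

Run it in an elevated session on each candidate host (or via Invoke-Command across a server fleet). A non-zero UpdatesSincePatchDay only shows that some update from July 2024 or later landed; confirm the specific fix against the MSRC advisory for the host's Windows version before closing the finding.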
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-37767
Vulnerability details
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
- CWE(s): CWE-476 (NULL Pointer Dereference), NVD-CWE-noinfo
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.