CVE-2024-43468
Published: 08 October 2024
Summary
CVE-2024-43468 is a critical-severity SQL Injection (CWE-89) vulnerability in Microsoft Configuration Manager 2403. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 0.7% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
Deeper analysis
Microsoft Configuration Manager contains a remote code execution vulnerability, CVE-2024-43468, that arises from improper neutralization of special elements in SQL commands (CWE-89). The flaw affects the product’s network-facing components and received a CVSS 3.1 base score of 9.8, reflecting that it can be reached without authentication or user interaction.
An unauthenticated attacker able to reach the Configuration Manager server over the network can supply crafted input that triggers the SQL injection, resulting in arbitrary code execution with full control over confidentiality, integrity, and availability of the affected system.
Microsoft’s security update guide provides remediation details and patch availability, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming that in-the-wild exploitation has been observed.
The associated EPSS score rose rapidly after disclosure, reaching a peak of 0.8746 and remaining at 0.8311, indicating sustained and substantial exploitation interest following public release of the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-40737
Vulnerability details
Microsoft Configuration Manager Remote Code Execution Vulnerability
- CWE(s)
- KEV Date Added
- 12 February 2026
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.