Cyber Resilience

CVE-2024-43468

Critical · CISA KEV · Active Exploitation · EUVD Exploited

Published: 08 October 2024
Modified: 13 February 2026
KEV Added: 12 February 2026
Patch: available via the Microsoft Security Update Guide
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.8311 (99.3rd percentile)
Risk Priority: 89 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-43468 is a critical-severity SQL injection (CWE-89) vulnerability in Microsoft Configuration Manager (the affected branches are listed under Affected Assets below). Its CVSS 3.1 base score is 9.8 (Critical).

Operationally, it ranks in the top 0.7% of all scored CVEs by exploit likelihood (EPSS 0.8311, 99.3rd percentile), and CISA has added it to the Known Exploited Vulnerabilities catalog.

Deeper analysis

Microsoft Configuration Manager contains a remote code execution vulnerability, CVE-2024-43468, that arises from improper neutralization of special elements used in an SQL command (CWE-89). The flaw sits in the product's network-facing components and carries a CVSS 3.1 base score of 9.8; the vector (AV:N/AC:L/PR:N/UI:N) records that it is reachable over the network, with low attack complexity, without authentication and without user interaction.

An unauthenticated attacker who can reach the Configuration Manager server over the network can send crafted requests whose contents are placed into SQL statements without proper neutralization, resulting in command execution on the server and/or the underlying site database, with full impact on confidentiality, integrity and availability (C:H/I:H/A:H). Because the site database is the control plane for every endpoint the hierarchy manages, a compromise there should be treated as a compromise of the whole hierarchy rather than of one server.

Microsoft's Security Update Guide entry provides remediation details and patch availability; applying the vendor update is the remediation, since the vulnerable code is vendor-shipped and cannot be fixed in customer code. CISA has added the CVE to its Known Exploited Vulnerabilities catalog, which confirms that in-the-wild exploitation has been observed.

The EPSS score rose rapidly after disclosure, peaked at 0.8746 and currently stands at 0.8311, indicating sustained and substantial exploitation interest since the vulnerability was made public.

Vulnerability details

Title: Microsoft Configuration Manager Remote Code Execution Vulnerability
CWE(s): CWE-89 (Improper Neutralization of Special Elements used in an SQL Command)
KEV Date Added: 12 February 2026

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Microsoft Configuration Manager 2403 (all versions)
Microsoft Configuration Manager 2409 (all versions)
Microsoft Configuration Manager 2503 (all versions)

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness type (CWE-89) cited in the NVD entry. For a vendor product such as Configuration Manager these are detective and compensating measures; the actual fix is applying Microsoft's update.

Penetration testing (addresses CWE-89): exercises database-facing interfaces with SQL injection payloads to identify injection weaknesses and to confirm that fixes, including the vendor patch, are effective.

Input validation (addresses CWE-89): validates query inputs so that they cannot alter SQL syntax or inject commands. This is defense in depth only; the structural control for CWE-89 is parameterized queries, which keep untrusted input out of the statement text entirely.
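A worked illustration of the CWE-89 pattern described in the analysis above and of the two controls listed in this section, as an added example written for this page: it is not Microsoft's code and does not reproduce the actual vulnerable Configuration Manager code path. The lookup runs against an in-memory SQLite table; the table and column names, the sample rows and the client-identifier format are all assumptions.

```python
"""Illustrative CWE-89 example added for this page. It is not code from Microsoft
Configuration Manager; it reproduces the weakness class on an in-memory SQLite
table so the vulnerable and hardened forms can be run side by side. The table
layout, column names and client-identifier format are assumptions."""
import re
import sqlite3

# Constructed sample rows standing in for a device inventory table (assumption).
SAMPLE_DEVICES = [
    ("GUID:AAAA-1", "WS-001", "site-secret-1"),
    ("GUID:BBBB-2", "WS-002", "site-secret-2"),
]


def make_db():
    """Build the in-memory table the lookups below query."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE devices (client_id TEXT, name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO devices VALUES (?, ?, ?)", SAMPLE_DEVICES)
    return conn


def lookup_vulnerable(conn, client_id):
    """CWE-89: the request field is concatenated into the statement text, so a
    quote character in the input changes the structure of the query."""
    sql = "SELECT name FROM devices WHERE client_id = '" + client_id + "'"
    return sorted(row[0] for row in conn.execute(sql))


def lookup_parameterized(conn, client_id):
    """Structural fix: a bound parameter reaches the engine as data and is never
    parsed as SQL, whatever characters it contains."""
    sql = "SELECT name FROM devices WHERE client_id = ?"
    return sorted(row[0] for row in conn.execute(sql, (client_id,)))


def exfil_payload():
    """UNION-based injection: close the string literal, append a SELECT over a
    column the original query never exposes, comment out the trailing quote."""
    return "x' UNION SELECT secret FROM devices -- "


# Assumed identifier shape, used only by the allowlist check below.
CLIENT_ID_RE = re.compile(r"GUID:[0-9A-Fa-f-]{1,64}")


def validate_client_id(client_id):
    """Allowlist input validation (the second control above). Useful as defense
    in depth, but weaker on its own than binding parameters because it has to
    anticipate every dangerous character and every identifier format."""
    return CLIENT_ID_RE.fullmatch(client_id) is not None


def lookup_hardened(conn, client_id):
    """Both controls together: reject malformed input, then bind what remains."""
    if not validate_client_id(client_id):
        return []
    return lookup_parameterized(conn, client_id)


if __name__ == "__main__":
    db = make_db()
    print("legit, concatenated :", lookup_vulnerable(db, "GUID:AAAA-1"))
    print("payload, concatenated:", lookup_vulnerable(db, exfil_payload()))
    print("payload, bound       :", lookup_parameterized(db, exfil_payload()))
    print("payload, hardened    :", lookup_hardened(db, exfil_payload()))
```

Run directly, the UNION payload returns the `secret` column through the concatenated query and nothing through the bound one. The validation function shows why the second control is defense in depth rather than the fix: it only holds while the identifier format is known and enforced, whereas the bound parameter needs no knowledge of the payload at all.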
