
CVE-2024-43572

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 08 October 2024

Modified: 30 October 2025
KEV Added: 08 October 2024
Patch: vendor update available (see Microsoft advisory)
CVSS Score (v3.1): 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.4894 (97.8th percentile)
Risk Priority: 65 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-43572 is a high-severity Improper Neutralization (CWE-707) vulnerability in Microsoft Windows 10 21H2. Its CVSS base score is 7.8 (High).

Operationally, it ranks in the top 2.2% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

Deeper analysis

CVE-2024-43572 is a remote code execution vulnerability in the Microsoft Management Console (MMC). Its CVSS 7.8 rating reflects a local attack vector, low attack complexity, no required privileges, and required user interaction, with high impact on confidentiality, integrity, and availability. It affects the MMC component on supported Windows systems.

An attacker who can convince a user to open a malicious file or link can execute arbitrary code in the context of the logged-on user, potentially installing programs, viewing or modifying data, or creating new accounts with full user rights.

Microsoft has published an advisory detailing the affected builds and available updates, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild and directing organizations to apply the vendor patches.

The EPSS score reached a peak of 0.5404 before receding to its current value of 0.4894.

EU & UK References

Vulnerability details

Microsoft Management Console Remote Code Execution Vulnerability

CWE(s): CWE-707 (Improper Neutralization)
KEV Date Added: 08 October 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor / Product / Affected versions (number of NVD configurations where more than one):

microsoft / windows 10 1507 / ≤ 10.0.10240.20796 (2 configurations)
microsoft / windows 10 1607 / ≤ 10.0.14393.7428 (2 configurations)
microsoft / windows 10 1809 / ≤ 10.0.17763.6414
microsoft / windows 10 21h2 / ≤ 10.0.19044.5011 (3 configurations)
microsoft / windows 10 22h2 / ≤ 10.0.19045.5011 (3 configurations)
microsoft / windows 11 21h2 / ≤ 10.0.22000.3260
microsoft / windows 11 22h2 / ≤ 10.0.22621.4317
microsoft / windows 11 23h2 / ≤ 10.0.22631.4317 (2 configurations)
microsoft / windows 11 24h2 / ≤ 10.0.26100.2033
microsoft / windows server 2008 / all versions, r2
+5 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-707: Enforces use of documented standards and tool configurations that address proper neutralization of inputs/outputs during development.

References