CVE-2024-43572
Published: 08 October 2024
Summary
CVE-2024-43572 is a high-severity Improper Neutralization (CWE-707) vulnerability in Microsoft Windows 10 21H2. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 2.2% of CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.
Deeper analysis
CVE-2024-43572 is a remote code execution vulnerability in the Microsoft Management Console (MMC). The flaw carries a CVSS 7.8 rating reflecting a local attack vector, low attack complexity, no required privileges, and required user interaction, with high impact on confidentiality, integrity, and availability. It affects the MMC component on supported Windows systems.
An attacker who can convince a user to open a malicious file or link can execute arbitrary code in the context of the logged-on user, potentially installing programs, viewing or modifying data, or creating new accounts with full user rights.
Microsoft has published an advisory detailing the affected builds and available updates, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild and directing organizations to apply the vendor patches.
The EPSS score reached a peak of 0.5404 before receding to its current value of 0.4894.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-40326
Vulnerability details
Microsoft Management Console Remote Code Execution Vulnerability
- CWE(s): CWE-707 (Improper Neutralization)
- KEV Date Added: 08 October 2024
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls (AI-derived)
Per-CVE control mapping has not yet run for this CVE; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Enforces use of documented standards and tool configurations that address proper neutralization of inputs/outputs during development.