Windows: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2024-49112) #shorts
CVE
This CVE focuses on a critical vulnerability within the Windows Lightweight Directory Access Protocol, known as LDAP. It has not yet been publicly disclosed and is classified as a zero-day threat. The vulnerability affects multiple versions of Microsoft Windows, including both desktop and server environments. A proof-of-concept exploit developed by SafeBreach Labs demonstrates the capability for remote code execution via LDAP, potentially granting malicious actors the ability to execute arbitrary code on targeted systems. This makes it a significant concern for all users operating the affected Windows platforms, as it could be leveraged for unauthorized access or control over vulnerable systems.
Watch the full video on YouTube: CVE-2024-49112
Remediation and exploitation details
This chain involves the following actors
This following systems are involved
Attack entry point
Remediation actions
Exploitation actions
Related Content
NOTE: The following related content has not been vetted and may be unsafe.
CVE database technical details
CVE ID
CVE-2024-49112
Description
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Provider
microsoft
CWE / problem types
CWE-190: Integer Overflow or Wraparound
Affected Software Versions
Microsoft:Windows 10 Version 1809:[{'version': '10.0.17763.0', 'lessThan': '10.0.17763.6659', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2019:[{'version': '10.0.17763.0', 'lessThan': '10.0.17763.6659', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2019 (Server Core installation):[{'version': '10.0.17763.0', 'lessThan': '10.0.17763.6659', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2022:[{'version': '10.0.20348.0', 'lessThan': '10.0.20348.2966', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 10 Version 21H2:[{'version': '10.0.19043.0', 'lessThan': '10.0.19044.5247', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 11 version 22H2:[{'version': '10.0.22621.0', 'lessThan': '10.0.22621.4602', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 10 Version 22H2:[{'version': '10.0.19045.0', 'lessThan': '10.0.19045.5247', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2025 (Server Core installation):[{'version': '10.0.26100.0', 'lessThan': '10.0.26100.2605', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 11 version 22H3:[{'version': '10.0.22631.0', 'lessThan': '10.0.22631.4602', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 11 Version 23H2:[{'version': '10.0.22631.0', 'lessThan': '10.0.22631.4602', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2022, 23H2 Edition (Server Core installation):[{'version': '10.0.25398.0', 'lessThan': '10.0.25398.1308', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 11 Version 24H2:[{'version': '10.0.26100.0', 'lessThan': '10.0.26100.2605', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2025:[{'version': '10.0.26100.0', 'lessThan': '10.0.26100.2605', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 10 Version 1507:[{'version': '10.0.10240.0', 'lessThan': '10.0.10240.20857', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows 10 Version 1607:[{'version': '10.0.14393.0', 'lessThan': '10.0.14393.7606', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2016:[{'version': '10.0.14393.0', 'lessThan': '10.0.14393.7606', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2016 (Server Core installation):[{'version': '10.0.14393.0', 'lessThan': '10.0.14393.7606', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2008 Service Pack 2:[{'version': '6.0.6003.0', 'lessThan': '6.0.6003.23016', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2008 Service Pack 2 (Server Core installation):[{'version': '6.0.6003.0', 'lessThan': '6.0.6003.23016', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2008 Service Pack 2:[{'version': '6.0.6003.0', 'lessThan': '6.0.6003.23016', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2008 R2 Service Pack 1:[{'version': '6.1.7601.0', 'lessThan': '6.1.7601.27467', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2008 R2 Service Pack 1 (Server Core installation):[{'version': '6.1.7601.0', 'lessThan': '6.1.7601.27467', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2012:[{'version': '6.2.9200.0', 'lessThan': '6.2.9200.25222', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2012 (Server Core installation):[{'version': '6.2.9200.0', 'lessThan': '6.2.9200.25222', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2012 R2:[{'version': '6.3.9600.0', 'lessThan': '6.3.9600.22318', 'versionType': 'custom', 'status': 'affected'}],Microsoft:Windows Server 2012 R2 (Server Core installation):[{'version': '6.3.9600.0', 'lessThan': '6.3.9600.22318', 'versionType': 'custom', 'status': 'affected'}]
Date Published
2024-12-10T17:49:44.679Z
Last Updated
2025-03-11T16:44:38.633Z