PT-2024-6148 · Microsoft · Windows Remote Desktop Licensing Service+1

Chunyang Han

Published

2024-09-10

Updated

2024-09-13

CVE-2024-38260

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows Remote Desktop Licensing Service (affected versions not specified)

Description The vulnerability in the Windows Remote Desktop Licensing Service is related to the use of an uninitialized resource. Exploitation of this issue may allow a remote attacker to execute arbitrary code, potentially impacting the system. This could enable remote attackers to run malicious code, affecting the system's security.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

BDU:2024-07067

CVE-2024-38260

Affected Products

Windows

Windows Remote Desktop Licensing Service

PT-2024-6148 · Microsoft · Windows Remote Desktop Licensing Service+1

CVE-2024-38260

Weakness Enumeration

Related Identifiers

Affected Products

References · 10