CVE-2024-21416

Name of the Vulnerable Software and Affected Versions Windows versions prior to Server 2022 23H2

Description The issue is related to a buffer overflow in the TCP/IP protocol implementation in Windows operating systems. This can be exploited by a remote attacker to execute arbitrary code, potentially leading to system compromise. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For Windows versions prior to Server 2022 23H2, patch immediately to resolve the issue. As a temporary workaround, consider restricting access to vulnerable TCP/IP functionalities until a patch is applied. Avoid using vulnerable API endpoints, such as /api/v1/network, in the affected Windows versions until the issue is resolved.