- شناسه CVE-2024-49126 :CVE
- CWE591 :CWE
- yes :Advisory
- منتشر شده: 12/10/2024
- به روز شده: 12/12/2024
- امتیاز: 8.1
- نوع حمله: Unknown
- اثر گذاری: Remote Code Execution Vulnerability
- برند: Microsoft
- محصول: Windows
- وضعیتPublished :CVE
- No :POC
- وضعیت آسیب پذیری: patch شده
چکیده
یک آسیب پذیری طبقه بندی شده به عنوان بحرانی در ویندوز مایکروسافت یافت شد. این آسیب پذیری کد ناشناخته مؤلفه Local Security Authority Subsystem Service را تحت تأثیر قرار می دهد. ایجاد تغییرات در سیستم منجر به استفاده استفاده از فضای حافظه پس از آزادسازی آن می شود. حمله را می توان از راه دور آغاز کرد.
لیست محصولات آسیب پذیر
Product | Platforms | Versions |
Windows 10 Version 1809 |
32-bit Systems, x64-based Systems |
affected from 10.0.0 before 10.0.17763.6659 |
Windows Server 2019 | x64-based Systems | affected from 10.0.0 before 10.0.17763.6659 |
Windows Server 2019 (Server Core installation) | x64-based Systems | affected from 10.0.0 before 10.0.17763.6659 |
Windows Server 2022 | x64-based Systems | affected from 10.0.0 before 10.0.20348.2966
affected from 10.0.0 before 10.0.20348.2908 |
Windows 10 Version 21H2 | 32-bit Systems, ARM64-based Systems, x64-based Systems | affected from 10.0.0 before 10.0.19044.5247 |
Windows 11 version 22H2 | ARM64-based Systems, x64-based Systems | affected from 10.0.0 before 10.0.22621.4602 |
Windows 10 Version 22H2 | x64-based Systems, ARM64-based Systems, 32-bit Systems | affected from 10.0.0 before 10.0.19045.5247 |
Windows Server 2025 (Server Core installation) | x64-based Systems | affected from 10.0.0 before 10.0.26100.2605
affected from 10.0.0 before 10.0.26100.2528 |
Windows 11 version 22H3 | ARM64-based Systems | affected from 10.0.0 before 10.0.22631.4602 |
Windows 11 Version 23H2 | x64-based Systems | affected from 10.0.0 before 10.0.22631.4602 |
Windows Server 2022, 23H2 Edition (Server Core installation) | x64-based Systems | affected from 10.0.0 before 10.0.25398.1308 |
Windows 11 Version 24H2 | ARM64-based Systems, x64-based Systems | affected from 10.0.0 before 10.0.26100.2605
affected from 10.0.0 before 10.0.26100.2528 |
Windows Server 2025 | x64-based Systems | affected from 10.0.0 before 10.0.26100.2605
affected from 10.0.0 before 10.0.26100.2528 |
Windows 10 Version 1507 | 32-bit Systems, x64-based Systems | affected from 10.0.0 before 10.0.10240.20857 |
Windows 10 Version 1607 | 32-bit Systems, x64-based Systems | affected from 10.0.0 before 10.0.14393.7606 |
Windows Server 2016 | x64-based Systems | affected from 10.0.0 before 10.0.14393.7606 |
Windows Server 2016 (Server Core installation) | x64-based Systems | affected from 10.0.0 before 10.0.14393.7606 |
Windows Server 2008 Service Pack 2 | 32-bit Systems | affected from 6.0.0 before 6.0.6003.23016 |
Windows Server 2008 Service Pack 2 (Server Core installation) | 32-bit Systems, x64-based Systems | affected from 6.0.0 before 6.0.6003.23016 |
Windows Server 2008 Service Pack 2 | x64-based Systems | affected from 6.0.0 before 6.0.6003.23016 |
Windows Server 2008 R2 Service Pack 1 | x64-based Systems | affected from 6.1.0 before 6.1.7601.27467 |
Windows Server 2008 R2 Service Pack 1 (Server Core installation) | x64-based Systems | affected from 6.0.0 before 6.1.7601.27467 |
Windows Server 2012 | x64-based Systems | affected from 6.2.0 before 6.2.9200.25222 |
Windows Server 2012 (Server Core installation) | x64-based Systems | affected from 6.2.0 before 6.2.9200.25222 |
Windows Server 2012 R2 | x64-based Systems | affected from 6.3.0 before 6.3.9600.22318 |
Windows Server 2012 R2 (Server Core installation) | x64-based Systems |
بطور عمومی هیچ اکسپلویتی برای این آسیب پذیری در دسترس نیست. احتمال اکسپلویت از طریق این آسیب پذیری کم است زیرا به دلیل پیچیدگی بالا در اکسپلویت مورد نظر جهت نفوذ نیاز به زمانبندی خاصی دارد.
لیست بروزرسانی محصولات برای رفع آسیب پذیری موردنظر به شرح زیر است:
Product | Impact | Max Severity | Build Number |
Windows Server 2012 R2 (Server Core installation) | Remote Code Execution | Critical | 6.3.9600.22318 |
Windows Server 2012 R2 |
Remote Code Execution | Critical | 6.3.9600.22318 |
Windows Server 2012 (Server Core installation) | Remote Code Execution | Critical | 6.2.9200.25222 |
Windows Server 2012 | Remote Code Execution | Critical | 6.2.9200.25222 |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Remote Code Execution | Critical |
6.1.7601.27467 6.1.7601.27467 |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Remote Code Execution | Critical |
6.1.7601.27467 6.1.7601.27467 |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Remote Code Execution | Critical |
6.0.6003.23016 6.0.6003.23016 |
Windows Server 2008 for x64-based Systems Service Pack 2 | Remote Code Execution | Critical |
6.0.6003.23016 6.0.6003.23016 |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Remote Code Execution | Critical |
6.0.6003.23016 6.0.6003.23016 |
Windows Server 2008 for 32-bit Systems Service Pack 2 |
Remote Code Execution | Critical |
6.0.6003.23016 6.0.6003.23016 |
Windows Server 2016 (Server Core installation) | Remote Code Execution | Critical | 10.0.14393.7606 |
Windows Server 2016 |
Remote Code Execution | Critical | 10.0.14393.7606 |
Windows 10 Version 1607 for x64-based Systems | Remote Code Execution | Critical | 10.0.14393.7606 |
Windows 10 Version 1607 for 32-bit Systems | Remote Code Execution | Critical | 10.0.14393.7606 |
Windows 10 for x64-based Systems |
Remote Code Execution | Critical | 10.0.10240.20857 |
Windows 10 for 32-bit Systems | Remote Code Execution | Critical | 10.0.10240.20857 |
Windows Server 2025 | Remote Code Execution | Critical |
10.0.26100.2605 10.0.26100.2528 |
Windows 11 Version 24H2 for x64-based Systems | Remote Code Execution | Critical |
10.0.26100.2605 10.0.26100.2528 |
Windows 11 Version 24H2 for ARM64-based Systems | Remote Code Execution | Critical |
10.0.26100.2605 10.0.26100.2528 |
Windows Server 2022, 23H2 Edition (Server Core installation) | Remote Code Execution | Critical | 10.0.25398.1308 |
Windows 11 Version 23H2 for x64-based Systems | Remote Code Execution | Critical | 10.0.22631.4602 |
Windows 11 Version 23H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.22631.4602 |
Windows Server 2025 (Server Core installation) | Remote Code Execution | Critical |
10.0.26100.2605 10.0.26100.2528 |
Windows 10 Version 22H2 for 32-bit Systems | Remote Code Execution | Critical | 10.0.19045.5247 |
Windows 10 Version 22H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.19045.5247 |
Windows 10 Version 22H2 for x64-based Systems |
Remote Code Execution | Critical | 10.0.19045.5247 |
Windows 11 Version 22H2 for x64-based Systems | Remote Code Execution | Critical |
10.0.22621.4602 |
Windows 11 Version 22H2 for ARM64-based Systems |
Remote Code Execution | Critical | 10.0.22621.4602 |
Windows 10 Version 21H2 for x64-based Systems |
Remote Code Execution | Critical | 10.0.19044.5247 |
Windows 10 Version 21H2 for ARM64-based Systems | Remote Code Execution | Critical | 10.0.19044.5247 |
Windows 10 Version 21H2 for 32-bit Systems | Remote Code Execution | Critical | 10.0.19044.5247 |
Windows Server 2022 (Server Core installation) |
Remote Code Execution | Critical |
10.0.20348.2966 10.0.20348.2908 |
Windows Server 2022 | Remote Code Execution | Critical |
10.0.20348.2966 10.0.20348.2908 |
Windows Server 2019 (Server Core installation) | Remote Code Execution | Critical |
10.0.17763.6659 |
Windows Server 2019 | Remote Code Execution | Critical | 10.0.17763.6659 |
Windows 10 Version 1809 for x64-based Systems | Remote Code Execution | Critical | 10.0.17763.6659 |
Windows 10 Version 1809 for 32-bit Systems | Remote Code Execution | Critical | 10.0.17763.6659 |
توضیحات
مهاجم برای این آسیبپذیری میتواند حسابهای سرور را با یک کد درحال اجرای دلخواه یا از راه دور هدف قرار دهد و از طریق تماس شبکه تلاش کند کد مخرب را در سرور فعال کند. مهاجم به افزایش سطح دسترسی نیاز ندارد و همچنین نیازی به تعامل با کاربر ندارد.
با توجه به آسیب پذیری موجود می توان آن را در دسته CWE-416 قرار داد. ارجاع دادن به حافظه پس از آزاد شدن می تواند باعث از کار افتادن برنامه، استفاده از مقادیر غیرمنتظره و یا اجرای کد شود. همچنین از طریق CWE-591 فرد مهاجم می تواند داده های حساس را ذخیره کند. سواستفاده از این آسیب پذیری می تواند بر محرمانگی، یکپارچگی و در دسترس بودن تأثیر بگذارد.
گفته می شود که اکسپلویت دشوار است. امکان شروع حمله از راه دور وجود دارد. هیچ شکلی از احراز هویت برای اکسپلویت مورد نیاز نیست.
احتمال اکسپلویت از این آسیب پذیری در 30 روز آینده 0.04% است.
CVSS
Score | Severity | Version | Vector String | ||
8.1 | HIGH | 3.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
نتیجه گیری
با توجه به این که میزان خطر این آسیب پذیری 8.1 بیان شده و میزان ریسک بالایی را در سیستم ایجاد می کند لذا برای جلوگیری از نفوذ مهاجمان بهتر است همواره از اخرین بروزرسانی های بیان شده استفاده کنید.