RRAS RCE via Unrestricted Access - CVE-2024-38265
CVE-2024-38265 Published on October 8, 2024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Vendor Advisory NVD

Weakness Types

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Buffer Over-read

The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This typically occurs when the pointer or its index is incremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in exposure of sensitive information or possibly a crash.

Products Associated with CVE-2024-38265

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Windows Server 2008

Microsoft Windows Server 2012

Microsoft Windows Server 2016

Microsoft Windows Server 2022 23h2

Microsoft Windows Server 2022

Microsoft Windows Server 2019

Affected Versions

Microsoft Windows Server 2019:

Version 10.0.17763.0 and below 10.0.17763.6414 is affected.

Microsoft Windows Server 2019 (Server Core installation):

Version 10.0.17763.0 and below 10.0.17763.6414 is affected.

Microsoft Windows Server 2022:

Version 10.0.20348.0 and below 10.0.20348.2762 is affected.

Microsoft Windows Server 2022, 23H2 Edition (Server Core installation):

Version 10.0.25398.0 and below 10.0.25398.1189 is affected.

Microsoft Windows Server 2016:

Version 10.0.14393.0 and below 10.0.14393.7428 is affected.

Microsoft Windows Server 2016 (Server Core installation):

Version 10.0.14393.0 and below 10.0.14393.7428 is affected.

Microsoft Windows Server 2008 Service Pack 2:

Version 6.0.6003.0 and below 6.0.6003.22918 is affected.

Microsoft Windows Server 2008 Service Pack 2 (Server Core installation):

Version 6.0.6003.0 and below 6.0.6003.22918 is affected.

Microsoft Windows Server 2008 Service Pack 2:

Version 6.0.6003.0 and below 6.0.6003.22918 is affected.

Microsoft Windows Server 2008 R2 Service Pack 1:

Version 6.1.7601.0 and below 6.1.7601.27366 is affected.

Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation):

Version 6.1.7601.0 and below 6.1.7601.27366 is affected.

Microsoft Windows Server 2012:

Version 6.2.9200.0 and below 6.2.9200.25118 is affected.

Microsoft Windows Server 2012 (Server Core installation):

Version 6.2.9200.0 and below 6.2.9200.25118 is affected.

Microsoft Windows Server 2012 R2:

Version 6.3.9600.0 and below 6.3.9600.22221 is affected.

Microsoft Windows Server 2012 R2 (Server Core installation):

Version 6.3.9600.0 and below 6.3.9600.22221 is affected.

Exploit Probability

EPSS

5.51%

Percentile

90.27%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

RRAS RCE via Unrestricted Access - CVE-2024-38265CVE-2024-38265 Published on October 8, 2024