Nov 2024: NTLM Hash Disclosure Spoofing Vulnerability
CVE-2024-43451 Published on November 12, 2024
NTLM Hash Disclosure Spoofing Vulnerability
Known Exploited Vulnerability
This Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could then leverage this hash to impersonate that user.
The following remediation steps are recommended / required by December 3, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Weakness Type
External Control of File Name or Path
The software allows user input to control or influence paths or file names that are used in filesystem operations.
Products Associated with CVE-2024-43451
Affected Versions
Microsoft Windows Server 2025:
- Versions from 10.0.26100.0 up to, but not including, 10.0.26100.2314 are affected.
- Versions from 10.0.17763.0 up to, but not including, 10.0.17763.6532 are affected.
- Versions from 10.0.17763.0 up to, but not including, 10.0.17763.6532 are affected.
- Versions from 10.0.17763.0 up to, but not including, 10.0.17763.6532 are affected.
- Versions from 10.0.20348.0 up to, but not including, 10.0.20348.2849 are affected.
- Versions from 10.0.19043.0 up to, but not including, 10.0.19044.5131 are affected.
- Versions from 10.0.22621.0 up to, but not including, 10.0.22621.4460 are affected.
- Versions from 10.0.19045.0 up to, but not including, 10.0.19045.5131 are affected.
- Versions from 10.0.22631.0 up to, but not including, 10.0.22631.4460 are affected.
- Versions from 10.0.22631.0 up to, but not including, 10.0.22631.4460 are affected.
- Versions from 10.0.25398.0 up to, but not including, 10.0.25398.1251 are affected.
- Versions from 10.0.26100.0 up to, but not including, 10.0.26100.2314 are affected.
- Versions from 10.0.10240.0 up to, but not including, 10.0.10240.20826 are affected.
- Versions from 10.0.14393.0 up to, but not including, 10.0.14393.7515 are affected.
- Versions from 10.0.14393.0 up to, but not including, 10.0.14393.7515 are affected.
- Versions from 10.0.14393.0 up to, but not including, 10.0.14393.7515 are affected.
- Versions from 6.0.6003.0 up to, but not including, 6.0.6003.22966 are affected.
- Versions from 6.0.6003.0 up to, but not including, 6.0.6003.22966 are affected.
- Versions from 6.0.6003.0 up to, but not including, 6.0.6003.22966 are affected.
- Versions from 6.1.7601.0 up to, but not including, 6.1.7601.27415 are affected.
- Versions from 6.1.7601.0 up to, but not including, 6.1.7601.27415 are affected.
- Versions from 6.3.9600.0 up to, but not including, 6.3.9600.22267 are affected.
- Versions from 6.3.9600.0 up to, but not including, 6.3.9600.22267 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.