Oct 2024: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43533 Published on October 8, 2024

Remote Desktop Client Remote Code Execution Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability

Vendor Advisory NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2024-43533 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2024-43533

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Windows Server 2022

Microsoft Windows 11

Microsoft Windows 11 23h2

Microsoft Windows 11 24h2

Microsoft Windows Server 2022 23h2

Microsoft Remote Desktop

Microsoft Windows Server 23h2

Affected Versions

Microsoft Remote Desktop client for Windows Desktop:

Version 1.2.0.0 and below 1.2.5709.0 is affected.

Microsoft Windows 11 version 21H2:

Version 10.0.22000.0 and below 10.0.22000.3260 is affected.

Microsoft Windows 11 version 22H2:

Version 10.0.22621.0 and below 10.0.22621.4317 is affected.

Microsoft Windows 11 version 22H3:

Version 10.0.22631.0 and below 10.0.22631.4317 is affected.

Microsoft Windows 11 Version 23H2:

Version 10.0.22631.0 and below 10.0.22631.4317 is affected.

Microsoft Windows 11 Version 24H2:

Version 10.0.26100.0 and below 10.0.26100.2033 is affected.

Microsoft Windows Server 2022:

Version 10.0.20348.0 and below 10.0.20348.2762 is affected.

Microsoft Windows Server 2022, 23H2 Edition (Server Core installation):

Version 10.0.25398.0 and below 10.0.25398.1189 is affected.

Exploit Probability

EPSS

1.48%

Percentile

70.58%