Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2024-38140: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

The following mitigating factors might be helpful in your situation:

This vulnerability is only exploitable only if there is a program listening on a Pragmatic General Multicast (PGM) port. If PGM is installed or enabled but no programs are actively listening as a receiver, then this vulnerability is not exploitable.

PGM does not authenticate requests so it is recommended to protect access to any open ports at the network level (e.g. with a firewall). It is not recommended to expose a PGM receiver to the public internet.

Microsoft Security Response Center
#vulnerability#windows#rce#auth#Reliable Multicast Transport Driver (RMCAST)#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-10488: Chromium: CVE-2024-10488 Use after free in WebRTC