Latest News
**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.
**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.
**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.
**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.
**According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?** An unauthorized attacker must wait for a user to initiate a connection.
**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** An authenticated attacker could exploit this vulnerability with LAN access.
**Why is this CERT/CC CVE included in the Security Update Guide?** A vulnerability exists in the RADIUS protocol that potentially affects many products and implementations of the RFC 2865 in the UDP version of the RADIUS protocol. In brief, RADIUS protocol (RFC 2865) is susceptible to forgery attacks that can modify Access-Accept or Access-Reject RADIUS response. CERT/CC assigned a CVE ID for this vulnerability which all vendors are using for their affected products. Please see KB5040268: How to manage the Access-Request packets attack vulnerability associated with CVE-2024-3596 for information on additional steps that should be done to protect your environment from this vulnerability.
**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**How could an attacker exploit this vulnerability?** An unauthenticated attacker can exploit this vulnerability by sending a malicious request packet via a client machine to a Windows Server configured to be a Multipoint Service over a network, and then waiting for the server to stop or restart.
**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** An authenticated attacker could exploit this vulnerability with LAN access.