Security
Headlines
HeadlinesLatestCVEs

Tag

#Windows DHCP Server

CVE-2024-38044: DHCP Server Service Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated DHCP Server privileges. As is best practice, regular validation and audits of administrative groups should be conducted.

Microsoft Security Response Center
#vulnerability#rce#Windows DHCP Server#Security Vulnerability
CVE-2024-30070: DHCP Server Service Denial of Service Vulnerability

The following mitigating factors might be helpful in your situation: Customers who have not configured their DHCP server as a failover are not affected by this vulnerability.

CVE-2024-26195: DHCP Server Service Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted.

CVE-2024-26202: DHCP Server Service Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted.

CVE-2023-35643: DHCP Server Service Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is remote heap memory.

CVE-2023-36012: DHCP Server Service Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.

CVE-2023-36801: DHCP Server Service Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.

CVE-2023-38162: DHCP Server Service Denial of Service Vulnerability

The following mitigating factors might be helpful in your situation: Customers who have not configured their DHCP server as a failover are not affected by this vulnerability.

CVE-2023-38152: DHCP Server Service Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.

CVE-2023-29355: DHCP Server Service Information Disclosure Vulnerability

The following mitigating factors might be helpful in your situation: Customers who have not configured their DHCP server as a failover are not affected by this vulnerability.