Security
Headlines
HeadlinesLatestCVEs

Tag

#Windows IP Routing Management Snapin

CVE-2024-38115: Windows IP Routing Management Snapin Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.

Microsoft Security Response Center
#vulnerability#windows#rce#Windows IP Routing Management Snapin#Security Vulnerability
CVE-2024-38114: Windows IP Routing Management Snapin Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.

CVE-2024-38116: Windows IP Routing Management Snapin Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.