CVE-2024-30078 is a Windows Wi-Fi driver vulnerability with low exploit complexity that enables distant code execution
Final June 11, Microsoft made public in its «Patch Tuesdays» a high-impact vulnerability affecting the Windows Wi-Fi driver, which leads to distant code execution. Exploitation doesn't require authentication and is carried out by sending a specifically crafted community packet with out the necessity for interplay from the sufferer, which means low exploitation complexity, thus rising the chance of the vulnerability.
This safety incident has been identified as CVE-2024-30078, alerting the digital safety neighborhood to the urgency of mitigating this risk. Some malicious actors are already promoting a supposed exploit for $5000 USD. This is the reason a extremely lively exploitation is predicted in a brief time frame.
Fundamental options of CVE-2024-30078
The principle traits of this vulnerability are detailed beneath:
- CVE Identifier: CVE-2024-30078
- CVSS Rating: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (8.8 Excessive)
- Launch date: 11/06/2024
- Affected software program: Windows Wi-Fi driver
- Exploitation Necessities: Bodily proximity to the sufferer, particularly inside Wi-Fi community vary.
Affected Variations
Working System | Affected Variations | Plataforms |
---|---|---|
Windows 10 Model 1809 | Affected from 10.0.0 earlier than 10.0.17763.5936 | 32-bit Methods, x64-based Methods, ARM64-based Methods |
Windows Server 2019 | Affected from 10.0.0 earlier than 10.0.17763.5936 | x64-based Methods |
Windows Server 2019 (Server Core set up) | Affected from 10.0.0 earlier than 10.0.17763.5936 | x64-based Methods |
Windows Server 2022 | Affected from 10.0.0 earlier than 10.0.20348.2527 Affected from 10.0.0 earlier than 10.0.20348.2522 | x64-based Methods |
Windows 11 Model 21H2 | Affected from 10.0.0 earlier than 10.0.22000.3019 | x64-based Methods, ARM64-based Methods |
Windows 10 Model 21H2 | Affected from 10.0.0 earlier than 10.0.19044.4529 | 32-bit Methods, ARM64-based Methods |
Windows 11 Model 22H2 | Affected from 10.0.0 earlier than 10.0.22621.3737 | ARM64-based Methods, x64-based Methods |
Windows 10 Model 22H2 | Affected from 10.0.0 earlier than 10.0.19045.4529 | x64-based Methods, ARM64-based Methods, 32-bit Methods |
Windows 11 Model 22H3 | Affected from 10.0.0 earlier than 10.0.22631.3737 | ARM64-based Methods |
Windows 11 Model 23H2 | Affected from 10.0.0 earlier than 10.0.22631.3737 | x64-based Methods |
Windows Server 2022, 23H2 Version (Server Core set up) | Affected from 10.0.0 earlier than 10.0.25398.950 | x64-based Methods |
Windows 10 Model 1507 | Affected from 10.0.0 earlier than 10.0.10240.20680 | 32-bit Methods, x64-based Methods |
Windows 10 Model 1607 | Affected from 10.0.0 earlier than 10.0.14393.7070 | 32-bit Methods, x64-based Methods |
Windows Server 2016 | Affected from 10.0.0 earlier than 10.0.14393.7070 | x64-based Methods |
Windows Server 2016 (Server Core set up) | Affected from 10.0.0 earlier than 10.0.14393.7070 | x64-based Methods |
Windows Server 2008 Service Pack 2 | Affected from 6.0.0 earlier than 6.0.6003.22720 | 32-bit Methods |
Windows Server 2008 Service Pack 2 (Server Core set up) | Affected from 6.0.0 earlier than 6.0.6003.22720 | 32-bit Methods, x64-based Methods |
Windows Server 2008 Service Pack 2 | Affected from 6.0.0 earlier than 6.0.6003.22720 | x64-based Methods |
Windows Server 2008 R2 Service Pack 1 | Affected from 6.1.0 earlier than 6.1.7601.27170 | x64-based Methods |
Windows Server 2008 R2 Service Pack 1 (Server Core set up) | Affected from 6.0.0 earlier than 6.1.7601.27170 | x64-based Methods |
Windows Server 2012 | Affected from 6.2.0 earlier than 6.2.9200.24919 | x64-based Methods |
Windows Server 2012 (Server Core set up) | Affected from 6.2.0 earlier than 6.2.9200.24919 | x64-based Methods |
Windows Server 2012 R2 | Affected from 6.3.0 earlier than 6.3.9600.22023 | x64-based Methods |
Windows Server 2012 R2 (Server Core set up) | Affected from 6.3.0 earlier than 6.3.9600.22023 | x64-based Methods |
Mitigation of CVE-2024-30078
The principle resolution is to urgently upgrade the Windows model to the brand new variations out there that right this vulnerability, as indicated within the desk above.
Vulnerability detection
The presence of the vulnerability might be recognized by the Windows model.
As a part of its rising vulnerabilities service, Tarlogic proactively displays the perimeter of its purchasers to report, detect, and urgently notify of the presence of this vulnerability, in addition to different essential threats that would have a severe influence on the safety of their belongings.