Lucene search
MicrosoftCVE-2024-21407HistoryMar 12, 2024 - 5:15 p.m.
CVE-2024-21407
2024-03-1217:15:49
CWE-416
microsoft
web.nvd.nist.gov
207
43
cve-2024-21407
windows
hyper-v
remote code execution
vulnerability
nvd
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
48.3%
Windows Hyper-V Remote Code Execution Vulnerability
Affected configurations
Node
microsoftwindows_10_1507Range<10.0.10240.20526x64
ORmicrosoftwindows_10_1607Range<10.0.14393.6796x64
ORmicrosoftwindows_10_1809Range<10.0.17763.5576x64
ORmicrosoftwindows_10_21h2Range<10.0.19044.4170arm64
ORmicrosoftwindows_10_22h2Range<10.0.19045.4170x64
ORmicrosoftwindows_11_21h2Range<10.0.22000.2836
ORmicrosoftwindows_11_22h2Range<10.0.22621.3296
ORmicrosoftwindows_11_23h2Range<10.0.22631.3296x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Range<10.0.14393.6796
ORmicrosoftwindows_server_2019Range<10.0.17763.5576
ORmicrosoftwindows_server_2022Range<10.0.20348.2333
ORmicrosoftwindows_server_2022_23h2Range<10.0.25398.763
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
| microsoft | windows_10_1809 | * | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_10_22h2 | * | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_23h2 | * | cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* |
| microsoft | windows_server_2012 | - | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2012 | r2 | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1809",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5576:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.5576",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5576:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.5576",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5576:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.5576",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2333:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.2340",
"versionType": "custom",
"status": "affected"
},
{
"version": "10.0.0",
"lessThan": "10.0.20348.2333",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.2836",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.4170:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19044.4170",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22621.3296",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.4170:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19045.4170",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 22H3",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:arm64:*"
],
"platforms": [
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22631.3296",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 Version 23H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22631.3296",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.763:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.25398.763",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1507",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20526:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.10240.20526",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1607",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6796:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6796",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6796",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6796",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24768",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24768",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21871:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.21871",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21871:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.21871",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
prion
prion
Remote code execution
2024-03-12 17:15:00
vulnrichment
vulnrichment
CVE-2024-21407 Windows Hyper-V Remote Code Execution Vulnerability
2024-03-12 16:57:59
mscve
mscve
Windows Hyper-V Remote Code Execution Vulnerability
2024-03-12 07:00:00
cnvd
cnvd
cvelist
cvelist
CVE-2024-21407 Windows Hyper-V Remote Code Execution Vulnerability
2024-03-12 16:57:59
nvd
nvd
CVE-2024-21407
2024-03-12 17:15:49
hivepro
hivepro
Microsoftβs March 2024 Patch Tuesday Addresses 60 Vulnerabilities
2024-03-14 18:10:28
malwarebytes
malwarebytes
Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws
2024-03-13 15:13:40
talosblog
talosblog
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, March 2024 Security Update Review
2024-03-12 18:37:05
thn
thn
mskb
mskb
March 12, 2024βKB5035930 (Monthly Rollup)
2024-03-12 07:00:00
March 12, 2024βKB5035885 (Monthly Rollup)
2024-03-12 07:00:00
March 12, 2024βKB5035858 (OS Build 10240.20526)
2024-03-12 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5035930)
2024-03-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5035858)
2024-03-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5035849)
2024-03-13 00:00:00
nessus
nessus
KB5035930: Windows Server 2012 Security Update (March 2024)
2024-03-12 00:00:00
KB5035855: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2024)
2024-03-12 00:00:00
KB5035885: Windows Server 2012 R2 Security Update (March 2024)
2024-03-12 00:00:00
kaspersky
kaspersky
KLA65123 Multiple vulnerabilities in Microsoft Products (ESU)
2024-03-12 00:00:00
KLA65126 Multiple vulnerabilities in Microsoft Windows
2024-03-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
48.3%
Related for CVE-2024-21407