Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
schneierBruce SchneierSCHNEIER:8395C93507B785D8138ED1C832440102
HistoryAug 16, 2024 - 11:07 a.m.

New Windows IPv6 Zero-Click Vulnerability

2024-08-1611:07:29
Bruce Schneier
www.schneier.com
47
windows
ipv6
zero-click
vulnerability
exploitability
patching

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

41.9%

JSON

The press is reporting a critical Windows vulnerability affecting IPv6.

> As Microsoft explained in its Tuesday advisory, unauthenticated attackers can exploit the flaw remotely in low-complexity attacks by repeatedly sending IPv6 packets that include specially crafted packets.
>
> Microsoft also shared its exploitability assessment for this critical vulnerability, tagging it with an "exploitation more likely" label, which means that threat actors could create exploit code to "consistently exploit the flaw in attacks."

Details are being withheld at the moment. Microsoft strongly recommends patching now.

Related

githubexploit 18
exploitdb 1
packetstorm 1
nvd 1
mscve 1
cvelist 1
vulnrichment 1
zdt 1
cve 1
talosblog 1
qualysblog 1
mskb 15
nessus 14
openvas 6
kaspersky 2
rapid7blog 1
githubexploit
githubexploit
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
2024-08-20 08:48:08
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
2024-09-03 14:36:35
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
2024-08-17 14:58:36
exploitdb
exploitdb
Windows TCP/IP - RCE Checker and Denial of Service
2024-08-28 00:00:00
packetstorm
packetstorm
Microsoft Windows IPv6 CVE-2024-38063 Checker / Denial Of Service
2024-08-29 00:00:00
nvd
nvd
CVE-2024-38063
2024-08-13 18:15:10
mscve
mscve
Windows TCP/IP Remote Code Execution Vulnerability
2024-08-13 07:00:00
cvelist
cvelist
CVE-2024-38063 Windows TCP/IP Remote Code Execution Vulnerability
2024-08-13 17:29:58
vulnrichment
vulnrichment
CVE-2024-38063 Windows TCP/IP Remote Code Execution Vulnerability
2024-08-13 17:29:58
zdt
zdt
Windows TCP/IP - Remote Code Execution Checker and Denial of Service Exploit
2024-08-28 00:00:00
cve
cve
CVE-2024-38063
2024-08-13 18:15:10
talosblog
talosblog
Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed
2024-08-13 19:12:45
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, August 2024 Security Update Review
2024-08-13 20:31:30
mskb
mskb
August 13, 2024—KB5041847 (Security-only update)
2024-08-13 07:00:00
August 13, 2024—KB5041850 (Monthly Rollup)
2024-08-13 07:00:00
September 10, 2024—KB5043067 (OS Build 22000.3197)
2024-09-10 07:00:00
nessus
nessus
KB5041847: Windows Server 2008 Security Update (August 2024)
2024-08-13 00:00:00
KB5041823: Windows Server 2008 R2 Security Update (August 2024)
2024-08-13 00:00:00
KB5041850: Windows Server 2008 Security Update (August 2024)
2024-08-13 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5041782)
2024-08-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5041580)
2024-08-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5041773)
2024-08-14 00:00:00
kaspersky
kaspersky
KLA71485 Multiple vulnerabilities in Microsoft Products (ESU)
2024-08-13 00:00:00
KLA71484 Multiple vulnerabilities in Microsoft Windows
2024-08-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2024
2024-08-13 23:36:30

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

41.9%

JSON
Related for SCHNEIER:8395C93507B785D8138ED1C832440102
githubexploit18exploitdb1packetstorm1nvd1mscve1cvelist1vulnrichment1zdt1cve1talosblog1qualysblog1mskb15nessus14openvas6kaspersky2rapid7blog1