CVE-2024-21307

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 9, 2024

Updated: May 29, 2024

CWE ID 362

CWE ID 416

Summary

CVE-2024-21307 is a newly disclosed remote code execution vulnerability affecting Remote Desktop Clients. Hackers can exploit this weakness by sending specially crafted RDP packets to targeted systems, potentially gaining unauthorized access and executing malicious code. Successful exploitation could result in significant data loss or system compromise. It is recommended that affected organizations immediately apply the necessary patches to mitigate this risk. Users should also be vigilant for phishing attempts and unsolicited RDP connections.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uFgVjA
https://www.cve.org/CVERecord?id=CVE-2024-21307
https://nvd.nist.gov/vuln/detail/CVE-2024-21307

Back to Vulnerability Database

CVE-2024-21307

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations