CVE-2024-38154

Summary

CVE-2024-38154 is a newly disclosed vulnerability affecting the Windows Routing and Remote Access Service (RRAS). This issue permits an unauthenticated remote attacker to execute arbitrary code on the targeted system. Exploitation of this vulnerability could result in complete system compromise. The vulnerability stems from a flaw in the RRAS component's handling of Remote Procedure Call (RPC) packets. Microsoft has released a security advisory and a patch to address this issue. It is highly recommended that organizations apply the patch as soon as possible to mitigate the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.