Vulnerabilities > CVE-2024-38044 - Incorrect Conversion between Numeric Types vulnerability in Microsoft products

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

microsoft

CWE-681

NVD

Published: 2024-07-09

Updated: 2024-07-11

Summary

DHCP Server Service Remote Code Execution Vulnerability

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 - Microsoft Windows Server 2016 - Microsoft Windows Server 2016 10.0.14393.5717 Microsoft Windows Server 2016 10.0.14393.6614 Microsoft Windows Server 2022 - Microsoft Windows Server 2022 10.0.20348.230 Microsoft Windows Server 2022 10.0.20348.261 Microsoft Windows Server 2022 10.0.20348.288 Microsoft Windows Server 2022 10.0.20348.320 Microsoft Windows Server 2022 10.0.20348.350 Microsoft Windows Server 2022 10.0.20348.380 Microsoft Windows Server 2022 10.0.20348.405 Microsoft Windows Server 2022 10.0.20348.407 Microsoft Windows Server 2022 10.0.20348.469 Microsoft Windows Server 2022 10.0.20348.473 Microsoft Windows Server 2022 10.0.20348.502 Microsoft Windows Server 2022 10.0.20348.524 Microsoft Windows Server 2022 10.0.20348.558 Microsoft Windows Server 2022 10.0.20348.587 Microsoft Windows Server 2022 10.0.20348.617 Microsoft Windows Server 2022 10.0.20348.643 Microsoft Windows Server 2022 10.0.20348.681 Microsoft Windows Server 2022 10.0.20348.707 Microsoft Windows Server 2022 10.0.20348.709 Microsoft Windows Server 2022 10.0.20348.740 Microsoft Windows Server 2022 10.0.20348.768 Microsoft Windows Server 2022 10.0.20348.803 Microsoft Windows Server 2022 10.0.20348.825 Microsoft Windows Server 2022 10.0.20348.859 Microsoft Windows Server 2022 10.0.20348.887 Microsoft Windows Server 2022 10.0.20348.946 Microsoft Windows Server 2022 10.0.20348.1006 Microsoft Windows Server 2022 10.0.20348.1070 Microsoft Windows Server 2022 10.0.20348.1129 Microsoft Windows Server 2022 10.0.20348.1131 Microsoft Windows Server 2022 10.0.20348.1194 Microsoft Windows Server 2022 10.0.20348.1249 Microsoft Windows Server 2022 10.0.20348.1251 Microsoft Windows Server 2022 10.0.20348.1311 Microsoft Windows Server 2022 10.0.20348.1366 Microsoft Windows Server 2022 10.0.20348.1368 Microsoft Windows Server 2022 10.0.20348.1487 Microsoft Windows Server 2022 10.0.20348.1547 Microsoft Windows Server 2022 10.0.20348.1607 Microsoft Windows Server 2022 10.0.20348.1668 Microsoft Windows Server 2022 10.0.20348.1724 Microsoft Windows Server 2022 10.0.20348.1726 Microsoft Windows Server 2022 10.0.20348.1787 Microsoft Windows Server 2022 10.0.20348.1850 Microsoft Windows Server 2022 10.0.20348.1906 Microsoft Windows Server 2022 10.0.20348.1970 Microsoft Windows Server 2022 10.0.20348.2031 Microsoft Windows Server 2022 10.0.20348.2113 Microsoft Windows Server 2022 10.0.20348.2159 Microsoft Windows Server 2022 10.0.20348.2227 Microsoft Windows Server 2019 - Microsoft Windows Server 2019 10.0.17763.4010 Microsoft Windows Server 2019 10.0.17763.5329 Microsoft Windows Server 2022 23H2 - Microsoft Windows Server 2022 23H2 10.0.25398.521 Microsoft Windows Server 2022 23H2 10.0.25398.531 Microsoft Windows Server 2022 23H2 10.0.25398.584 Microsoft Windows Server 2022 23H2 10.0.25398.643	183

Common Weakness Enumeration (CWE)

CWE-681 - Incorrect Conversion between Numeric Types

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38044