CVE-2024-38234

MEDIUM EPSS 56.1%

Published Sep 10, 20241y ago · Modified Jun 17, 20261w ago

6.5 CVSS 3.1

Medium

Published Sep 10, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

Windows Networking Denial of Service Vulnerability

Base Score

6.5

Exploitability

2.8

Impact

3.6

Vector string

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector Adjacent

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality None

Integrity None

Availability High

EPSS Exploit Probability

56.1% percentile

Exploit & Patch Status

No Known Exploit

Patch Available

CWE-20 Improper Input Validation Validation

Vendor	Product	Version	Range
microsoft	windows_10_1507	*	<10.0.10240.20766
microsoft	windows_10_1507	*	<10.0.10240.20766
microsoft	windows_10_1607	*	<10.0.14393.7336
microsoft	windows_10_1607	*	<10.0.14393.7336
microsoft	windows_10_1809	*	<10.0.17763.6293
microsoft	windows_10_21h2	*	<10.0.19044.4894
microsoft	windows_10_22h2	*	<10.0.19041.4894
microsoft	windows_10_22h2	*	<10.0.19045.4894
microsoft	windows_10_22h2	*	<10.0.19045.4894
microsoft	windows_11_21h2	*	<10.0.22000.3197
microsoft	windows_11_22h2	*	<10.0.22621.4169
microsoft	windows_11_23h2	*	<10.0.22631.4169
microsoft	windows_11_23h2	*	<10.0.22631.4169
microsoft	windows_11_24h2	*	<10.0.26100.1742
microsoft	windows_11_24h2	*	<10.0.26100.1742
microsoft	windows_server_2008	*	any
microsoft	windows_server_2008	*	any
microsoft	windows_server_2008	r2	any
microsoft	windows_server_2012	*	any
microsoft	windows_server_2012	r2	any
microsoft	windows_server_2016	*	<10.0.14393.7336
microsoft	windows_server_2019	*	<10.0.17763.6293
microsoft	windows_server_2022	*	<10.0.20348.2700
microsoft	windows_server_2022_23h2	*	<10.0.25398.1128

msrc.microsoft.com https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38234

PatchVendor Advisory

msrc.microsoft.com https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38234

PatchVendor Advisory