CVE-2024-43533

HIGH

Windows 11 21H2-24H2 and Windows Server 2022-2022 23H2 - Remote Code Execution via Remote Desktop Client Use-After-Free

Title source: llm

Remote Desktop Client Remote Code Execution Vulnerability

Core 1

Core References

Patch, Vendor Advisory vendor-advisory

CVSS v3 8.8

EPSS 0.0416

EPSS Percentile 88.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

CWE

CWE-416

Status published

Products (6)

microsoft/windows_11_21h2 < 10.0.22000.3260 (2 CPE variants)

microsoft/windows_11_22h2 < 10.0.22621.4317 (2 CPE variants)

microsoft/windows_11_23h2 < 10.0.22631.4317 (2 CPE variants)

microsoft/windows_11_24h2 < 10.0.26100.2033 (2 CPE variants)

microsoft/windows_server_2022 < 10.0.20348.2762

microsoft/windows_server_2022_23h2 < 10.0.25398.1189

Published Oct 08, 2024

Tracked Since Feb 18, 2026