Home

Description

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

PUBLISHED Reserved 2024-06-11 | Published 2024-07-09 | Updated 2025-10-14 | Assigner microsoft




CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-191: Integer Underflow (Wrap or Wraparound)

Product status

10.0.17763.0 (custom) before 10.0.17763.6054
affected

10.0.17763.0 (custom) before 10.0.17763.6054
affected

10.0.20348.0 (custom) before 10.0.20348.2582
affected

10.0.25398.0 (custom) before 10.0.25398.1009
affected

10.0.14393.0 (custom) before 10.0.14393.7159
affected

10.0.14393.0 (custom) before 10.0.14393.7159
affected

6.1.7601.0 (custom) before 6.1.7601.27219
affected

6.1.7601.0 (custom) before 6.1.7601.27219
affected

6.2.9200.0 (custom) before 6.2.9200.24975
affected

6.2.9200.0 (custom) before 6.2.9200.24975
affected

6.3.9600.0 (custom) before 6.3.9600.22074
affected

6.3.9600.0 (custom) before 6.3.9600.22074
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38074 (Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability) vendor-advisory

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38074 (Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability) vendor-advisory

cve.org (CVE-2024-38074)

nvd.nist.gov (CVE-2024-38074)

Download JSON