Vulnerability-Lookup

CVE-2024-43571 (GCVE-0-2024-43571)

Vulnerability from cvelistv5 – Published: 2024-10-08 17:36 – Updated: 2025-07-08 15:39

Title

Sudo for Windows Spoofing Vulnerability

Summary

Sudo for Windows Spoofing Vulnerability

Severity ?

5.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C

CWE

CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints

Assigner

microsoft

References

URL

	Vendor	Product	Version
	Microsoft	Windows 11 Version 24H2	Affected: 10.0.26100.0 , < 10.0.26100.2033 (custom)

GHSA-5V3R-FF3V-F3Q4

Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33

Details

Sudo for Windows Spoofing Vulnerability

Severity ?

5.6 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-43571"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-923"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-08T18:15:24Z",
    "severity": "MODERATE"
  },
  "details": "Sudo for Windows Spoofing Vulnerability",
  "id": "GHSA-5v3r-ff3v-f3q4",
  "modified": "2024-10-08T18:33:16Z",
  "published": "2024-10-08T18:33:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43571"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-43571

Vulnerability from fstec - Published: 08.10.2024

Title

Уязвимость утилиты системного администрирования Sudo операционных систем Windows, позволяющая нарушителю проводить спуфинг-атаки

Description

Уязвимость утилиты системного администрирования Sudo операционных систем Windows связана с неправильным ограничением канала связи для предполагаемых конечных точек. Эксплуатация уязвимости может позволить нарушителю проводить спуфинг-атаки

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

Vendor

Microsoft Corp

Software Name

Windows 11 24H2

Software Version

- (Windows 11 24H2)

Possible Mitigations

Использование рекомендаций: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571

Reference

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571 https://github.com/microsoft/sudo

CWE

CWE-923

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:P/A:N",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Windows 11 24H2)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "14.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.10.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-08004",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-43571",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Windows 11 24H2",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows 11 24H2 - 64-bit, Microsoft Corp Windows 11 24H2 - ARM64",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433-\u0430\u0442\u0430\u043a\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043a\u0430\u043d\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u0437\u0430\u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a (CWE-923)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043a\u0430\u043d\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0438 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433-\u0430\u0442\u0430\u043a\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571\nhttps://github.com/microsoft/sudo",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-923",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,6)"
}

CERTFR-2024-AVI-0854

Vulnerability from certfr_avis - Published: 2024-10-09 - Updated: 2024-10-09

De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Microsoft indique que les vulnérabilités CVE-2024-43572 et CVE-2024-43573 sont activement exploitées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.4317
Microsoft	Windows	Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.2033
Microsoft	Windows	Windows Server 2012 versions antérieures à 6.2.9200.25118
Microsoft	Windows	Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.4317
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) versions antérieures à 6.1.7601.27366
Microsoft	Windows	Windows Server 2016 versions antérieures à 10.0.14393.7428
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.7428
Microsoft	Windows	Windows Server 2012 R2 versions antérieures à 6.3.9600.22221
Microsoft	Windows	Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.7428
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.5011
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.22918
Microsoft	Windows	Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.6414
Microsoft	Windows	Windows 10 pour systèmes x64 versions antérieures à 10.0.10240.20796
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.22221
Microsoft	Windows	Windows Server 2022 versions antérieures à 10.0.20348..2762
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22621.4317
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.6414
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.5011
Microsoft	Windows	Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348..2762
Microsoft	Windows	Windows 10 pour systèmes 32 bits versions antérieures à 10.0.10240.20796
Microsoft	Windows	Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.1189
Microsoft	Windows	Remote Desktop client pour Windows Desktop versions antérieures à 1.2.5709.0
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.6414
Microsoft	Windows	Windows Server 2019 versions antérieures à 10.0.17763.6414
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.5011
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.7428
Microsoft	Windows	Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.2033
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 versions antérieures à 6.0.6003.22918
Microsoft	Windows	Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25118
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 versions antérieures à 6.1.7601.27366
Microsoft	Windows	Windows 11 version 21H2 pour systèmes ARM64 antérieures à 10.0.22000.3260
Microsoft	Windows	Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.5011
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) versions antérieures à 6.0.6003.22918
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.5011
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 versions antérieures à 6.0.6003.22918
Microsoft	Windows	Windows 11 version 21H2 pour systèmes x64 antérieures à 10.0.22000.3260
Microsoft	Windows	Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22621.4317
Microsoft	Windows	Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.5011

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Windows CVE-2024-43562	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38262	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43521	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43511	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43565	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43538	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43556	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43518	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43554	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43599	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43542	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43608	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43575	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43534	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43527	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43551	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43541	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43552	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38149	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-37976	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43582	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43553	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43555	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43549	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43615	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43522	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43515	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43536	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43593	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43547	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43564	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43517	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43508	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38261	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43520	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43524	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38129	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43581	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-30092	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43456	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38124	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43558	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43544	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43545	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43500	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43525	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43573	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-37979	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43567	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43506	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43572	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43546	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43509	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43533	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43529	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43563	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43559	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43502	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-37982	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43512	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38265	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38029	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43519	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43557	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-6197	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43560	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43561	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43543	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43513	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43453	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43607	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43514	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43585	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43571	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43583	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43537	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43589	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43550	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43540	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-20659	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43501	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-38212	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43532	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43574	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43523	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43535	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43570	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-37983	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43584	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43611	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43516	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43528	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43592	2024-10-08	vendor-advisory
Bulletin de sécurité Microsoft Windows CVE-2024-43526	2024-10-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.4317",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.2033",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25118",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.4317",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation) versions ant\u00e9rieures \u00e0 6.1.7601.27366",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.7428",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.7428",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.22221",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.7428",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.5011",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.22918",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.6414",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.10240.20796",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.22221",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348..2762",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22621.4317",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.6414",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.5011",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348..2762",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.10240.20796",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.1189",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Remote Desktop client pour Windows Desktop versions ant\u00e9rieures \u00e0 1.2.5709.0",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.6414",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.6414",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.5011",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.7428",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.2033",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.22918",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25118",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 versions ant\u00e9rieures \u00e0 6.1.7601.27366",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64 ant\u00e9rieures \u00e0 10.0.22000.3260",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.5011",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.0.6003.22918",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.5011",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 versions ant\u00e9rieures \u00e0 6.0.6003.22918",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 version 21H2 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.22000.3260",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22621.4317",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.5011",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-43542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43542"
    },
    {
      "name": "CVE-2024-43582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43582"
    },
    {
      "name": "CVE-2024-37983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37983"
    },
    {
      "name": "CVE-2024-43533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43533"
    },
    {
      "name": "CVE-2024-38265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38265"
    },
    {
      "name": "CVE-2024-43535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43535"
    },
    {
      "name": "CVE-2024-20659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20659"
    },
    {
      "name": "CVE-2024-43583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43583"
    },
    {
      "name": "CVE-2024-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43565"
    },
    {
      "name": "CVE-2024-43555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43555"
    },
    {
      "name": "CVE-2024-30092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30092"
    },
    {
      "name": "CVE-2024-43563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43563"
    },
    {
      "name": "CVE-2024-43508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43508"
    },
    {
      "name": "CVE-2024-43543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43543"
    },
    {
      "name": "CVE-2024-43572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43572"
    },
    {
      "name": "CVE-2024-38029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38029"
    },
    {
      "name": "CVE-2024-43513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43513"
    },
    {
      "name": "CVE-2024-43561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43561"
    },
    {
      "name": "CVE-2024-43573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43573"
    },
    {
      "name": "CVE-2024-43585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43585"
    },
    {
      "name": "CVE-2024-43509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43509"
    },
    {
      "name": "CVE-2024-43592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43592"
    },
    {
      "name": "CVE-2024-43524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43524"
    },
    {
      "name": "CVE-2024-43522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43522"
    },
    {
      "name": "CVE-2024-43558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43558"
    },
    {
      "name": "CVE-2024-37979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37979"
    },
    {
      "name": "CVE-2024-43562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43562"
    },
    {
      "name": "CVE-2024-43516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43516"
    },
    {
      "name": "CVE-2024-43514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43514"
    },
    {
      "name": "CVE-2024-43512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43512"
    },
    {
      "name": "CVE-2024-43515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43515"
    },
    {
      "name": "CVE-2024-38129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38129"
    },
    {
      "name": "CVE-2024-37982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37982"
    },
    {
      "name": "CVE-2024-43556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43556"
    },
    {
      "name": "CVE-2024-43574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43574"
    },
    {
      "name": "CVE-2024-43593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43593"
    },
    {
      "name": "CVE-2024-43523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43523"
    },
    {
      "name": "CVE-2024-43581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43581"
    },
    {
      "name": "CVE-2024-43554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43554"
    },
    {
      "name": "CVE-2024-43559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43559"
    },
    {
      "name": "CVE-2024-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43552"
    },
    {
      "name": "CVE-2024-43532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43532"
    },
    {
      "name": "CVE-2024-43537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43537"
    },
    {
      "name": "CVE-2024-43506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43506"
    },
    {
      "name": "CVE-2024-43546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43546"
    },
    {
      "name": "CVE-2024-43575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43575"
    },
    {
      "name": "CVE-2024-43500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43500"
    },
    {
      "name": "CVE-2024-43549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43549"
    },
    {
      "name": "CVE-2024-43521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43521"
    },
    {
      "name": "CVE-2024-43518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43518"
    },
    {
      "name": "CVE-2024-43534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43534"
    },
    {
      "name": "CVE-2024-43544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43544"
    },
    {
      "name": "CVE-2024-43538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43538"
    },
    {
      "name": "CVE-2024-43545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43545"
    },
    {
      "name": "CVE-2024-43525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43525"
    },
    {
      "name": "CVE-2024-43599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43599"
    },
    {
      "name": "CVE-2024-43560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43560"
    },
    {
      "name": "CVE-2024-43607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43607"
    },
    {
      "name": "CVE-2024-43608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43608"
    },
    {
      "name": "CVE-2024-43536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43536"
    },
    {
      "name": "CVE-2024-43502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43502"
    },
    {
      "name": "CVE-2024-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43551"
    },
    {
      "name": "CVE-2024-38149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38149"
    },
    {
      "name": "CVE-2024-43567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43567"
    },
    {
      "name": "CVE-2024-38262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38262"
    },
    {
      "name": "CVE-2024-43527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43527"
    },
    {
      "name": "CVE-2024-43520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43520"
    },
    {
      "name": "CVE-2024-43564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43564"
    },
    {
      "name": "CVE-2024-43453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43453"
    },
    {
      "name": "CVE-2024-43589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43589"
    },
    {
      "name": "CVE-2024-43553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43553"
    },
    {
      "name": "CVE-2024-43615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43615"
    },
    {
      "name": "CVE-2024-43526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43526"
    },
    {
      "name": "CVE-2024-6197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
    },
    {
      "name": "CVE-2024-43571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43571"
    },
    {
      "name": "CVE-2024-38124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38124"
    },
    {
      "name": "CVE-2024-43547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43547"
    },
    {
      "name": "CVE-2024-43456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43456"
    },
    {
      "name": "CVE-2024-38261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38261"
    },
    {
      "name": "CVE-2024-43557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43557"
    },
    {
      "name": "CVE-2024-43528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43528"
    },
    {
      "name": "CVE-2024-43501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43501"
    },
    {
      "name": "CVE-2024-43584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43584"
    },
    {
      "name": "CVE-2024-43541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43541"
    },
    {
      "name": "CVE-2024-43517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43517"
    },
    {
      "name": "CVE-2024-43519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43519"
    },
    {
      "name": "CVE-2024-43540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43540"
    },
    {
      "name": "CVE-2024-37976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37976"
    },
    {
      "name": "CVE-2024-43550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43550"
    },
    {
      "name": "CVE-2024-43570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43570"
    },
    {
      "name": "CVE-2024-43511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43511"
    },
    {
      "name": "CVE-2024-43611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43611"
    },
    {
      "name": "CVE-2024-43529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43529"
    },
    {
      "name": "CVE-2024-38212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38212"
    }
  ],
  "initial_release_date": "2024-10-09T00:00:00",
  "last_revision_date": "2024-10-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0854",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nMicrosoft indique que les vuln\u00e9rabilit\u00e9s CVE-2024-43572 et CVE-2024-43573 sont activement exploit\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43562",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43562"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38262",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38262"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43521",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43521"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43511",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43511"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43565",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43565"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43538",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43538"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43556",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43556"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43518",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43518"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43554",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43554"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43599",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43599"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43542",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43542"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43608",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43608"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43575",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43575"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43534",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43534"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43527",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43527"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43551",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43551"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43541",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43541"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43552",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43552"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38149",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38149"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-37976",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37976"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43582",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43582"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43553",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43553"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43555",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43555"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43549",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43549"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43615",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43615"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43522",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43522"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43515",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43515"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43536",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43536"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43593",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43593"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43547",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43547"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43564",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43564"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43517",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43517"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43508",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43508"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38261",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38261"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43520",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43520"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43524",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43524"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38129",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38129"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43581",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43581"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-30092",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30092"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43456",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43456"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38124",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38124"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43558",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43558"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43544",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43544"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43545",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43545"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43500",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43500"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43525",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43525"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43573",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43573"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-37979",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37979"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43567",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43567"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43506",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43506"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43572",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43546",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43546"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43509",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43509"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43533",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43533"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43529",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43529"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43563",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43563"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43559",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43559"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43502",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43502"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-37982",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37982"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43512",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43512"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38265",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38265"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38029",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38029"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43519",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43519"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43557",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43557"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-6197",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6197"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43560",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43560"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43561",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43561"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43543",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43543"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43513",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43513"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43453",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43453"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43607",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43607"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43514",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43514"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43585",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43585"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43571",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43583",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43583"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43537",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43537"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43589",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43589"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43550",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43550"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43540",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43540"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-20659",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20659"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43501",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43501"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-38212",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38212"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43532",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43532"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43574",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43574"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43523",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43523"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43535",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43535"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43570",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43570"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-37983",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37983"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43584",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43584"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43611",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43611"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43516",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43516"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43528",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43528"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43592",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43592"
    },
    {
      "published_at": "2024-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2024-43526",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43526"
    }
  ]
}

FKIE_CVE-2024-43571

Vulnerability from fkie_nvd - Published: 2024-10-08 18:15 - Updated: 2024-10-16 21:53

Severity ?

5.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

Sudo for Windows Spoofing Vulnerability

References

	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	microsoft	windows_11_24h2	*
	microsoft	windows_11_24h2	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "1262CACE-C787-4F46-9E12-C9F254225FC5",
              "versionEndExcluding": "10.0.26100.2033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
              "matchCriteriaId": "ED2BB762-C417-4B64-80A2-ED152893FAD7",
              "versionEndExcluding": "10.0.26100.2033",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sudo for Windows Spoofing Vulnerability"
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de suplantaci\u00f3n de identidad de Sudo para Windows"
    }
  ],
  "id": "CVE-2024-43571",
  "lastModified": "2024-10-16T21:53:47.887",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 4.2,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-08T18:15:24.400",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-923"
        }
      ],
      "source": "secure@microsoft.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-43571 (GCVE-0-2024-43571)

GHSA-5V3R-FF3V-F3Q4

CVE-2024-43571

CERTFR-2024-AVI-0854

Solutions

FKIE_CVE-2024-43571

Tags

Sightings

Nomenclature