KEV · Actively exploited
CVE-2024-43572
HIGH 7.8
KEV
Microsoft Management Console Remote Code Execution Vulnerability
EPSS
48.94%
moderate exploit risk
percentile 97.8%
CISA Known Exploited Vulnerability
- Added to KEV
- 2024-10-08
- Remediation deadline
- 2024-10-29
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2022 (Server Core installation) 10.0.20348.2762 Windows Server 2022 10.0.25398.1189 Windows Server 2019 (Server Core installation) 10.0.17763.6414 Windows Server 2019 10.0.17763.6414 Windows Server 2016 (Server Core installation) 10.0.14393.7428 Windows Server 2016 10.0.14393.7428 Windows 11 24H2 · 2024-H2 10.0.26100.2033 Windows 11 23H2 · 2023-H2 10.0.22631.4317 Windows 11 22H2 · 2022-H2 10.0.22621.4317 Windows 11 21H2 · 2021-H2 10.0.22000.3260 Windows 10 22H2 · 2022-H2 10.0.19045.5011 Windows 10 21H2 · 2021-H2 10.0.19044.5011 Windows 10 1809 · 2018-09 10.0.17763.6414 Windows 10 1607 · 2016-07 10.0.14393.7428