Special Bulletin
H-ISAC TLP White: Vulnerability Bulletin: Critical TCP/IP RCE on IPv6-Enabled Systems
On August 13, 2024, Microsoft released a patch for a critical Windows TCP/IP Remote Code Execution Vulnerability labeled CVE-2024-38063. The vulnerability, which carries a CVSS score of 9.8, arises from an Integer Underflow weakness. This flaw allows unauthenticated attackers to trigger buffer overflows and execute arbitrary code on Windows 10, Windows 11, and Windows Server systems.
For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact: