H-ISAC TLP White: Vulnerability Bulletin: Critical TCP/IP RCE on IPv6-Enabled Systems

On August 13, 2024, Microsoft released a patch for a critical Windows TCP/IP Remote Code Execution Vulnerability labeled CVE-2024-38063. The vulnerability, which carries a CVSS score of 9.8, arises from an Integer Underflow weakness. This flaw allows unauthenticated attackers to trigger buffer overflows and execute arbitrary code on Windows 10, Windows 11, and Windows Server systems. 

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Special Bulletin
Red Cross, America’s Blood Centers, AABB Say U.S. Faces Critical Blood and Platelet Shortages
Public
Advancing Health Podcast
Going International: The FBI's Global Fight Against Cybercrime
Public
Advisory
American Hospital Association and Health-ISAC Joint Threat Bulletin - TLP White
Public
Advisory
Hospitals in Florida, Other States Impacted by Effects of Cyberattack on Blood-donation Nonprofit OneBlood
Member
Advisory
Ransomware Group Warns of Potential Cyberattack
Member
Advisory
New Resources and Offers for AHA Members to Bolster Cybersecurity Efforts
Public