Windows KDC Proxy Remote Code Execution Vulnerability
The vulnerability affects the KDC Proxy service (Kerberos Key Distribution Center Proxy), which mediates Kerberos communication over the network. An attacker can remotely, without any authentication and user interaction, send a specially crafted request to the KDC Proxy service, leading to arbitrary code execution on the vulnerable server. The network attack vector with low attack complexity indicates that exploiting this vulnerability is relatively simple.
An attacker can gain full control over the vulnerable system — steal confidential data, modify files, and disrupt service operations (violation of confidentiality, integrity, and availability).
Security updates released by Microsoft as part of November 2024 Patch Tuesday should be applied immediately, in accordance with references available at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43639. As a temporary measure, consider restricting network access to the KDC Proxy service to trusted hosts only.
Microsoft Windows Server 2012, Windows Server 2016, Windows Server 2019, Windows Server 2022 — detailed information about affected versions available in vendor references.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicrosoft Windows Server 2012
OSMicrosoftr2Microsoft Windows Server 2016
OSMicrosoft< 10.0.14393.7515Microsoft Windows Server 2019
OSMicrosoft< 10.0.17763.6532Microsoft Windows Server 2022
OSMicrosoft< 10.0.20348.2849Microsoft Windows Server 2022 23h2
OSMicrosoft< 10.0.25398.1251Microsoft Windows Server 2025
OSMicrosoft< 10.0.26100.2314
Related vulnerabilities
RCE w Windows Server Update Service (WSUS) — deserializacja danych
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows S...