Trustwave Rapid Response: Mitigate Windows TCP/IP RCE Vulnerability (CVE-2024-38063)
Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.