CVE-2024-43593 HIGH

CVE-2024-43593: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Vendor Microsoft
Product Windows Server 2008 Service Pack 2
Weakness CWE-20 · Input validation
Published October 8, 2024
Last update June 9, 2026
View on NVD All CVEs

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

What the vulnerability does

01Description

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Key dates

02Disclosure timeline

October 8, 2024 CVE published
June 9, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-25339 CVE-2026-42261 PromptHub: Authenticated SSRF via IPv6 filter bypass in `POST /api/skills/fetch-remote` CVE-2026-45676 OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent CVE-2021-36030 Magento Commerce Improper Input Validation During Checkout Process Could Lead To Privilege Escalation CVE-2019-1936 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability