CVE-2024-43537

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43537	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_1809:::::::x86:*
	cpe:2.3:o:microsoft:windows_10_21h2:::::::arm64:*
	cpe:2.3:o:microsoft:windows_10_21h2:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_21h2:::::::x86:*
	cpe:2.3:o:microsoft:windows_10_22h2:::::::arm64:*
	cpe:2.3:o:microsoft:windows_10_22h2:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_22h2:::::::x86:*
	cpe:2.3:o:microsoft:windows_11_21h2:::::::arm64:*
	cpe:2.3:o:microsoft:windows_11_21h2:::::::x64:*
	cpe:2.3:o:microsoft:windows_11_22h2:::::::arm64:*
	cpe:2.3:o:microsoft:windows_11_22h2:::::::x64:*
	cpe:2.3:o:microsoft:windows_11_23h2:::::::arm64:*
	cpe:2.3:o:microsoft:windows_11_23h2:::::::x64:*
	cpe:2.3:o:microsoft:windows_11_24h2:::::::arm64:*
	cpe:2.3:o:microsoft:windows_11_24h2:::::::x64:*
	cpe:2.3:o:microsoft:windows_server_2019::::::::
	cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::

History

No history.

Information

Published : 2024-10-08 18:15

Updated : 2024-10-16 21:51

NVD link : CVE-2024-43537

Mitre link : CVE-2024-43537

CVE.ORG link : CVE-2024-43537

JSON object : View

Products Affected

microsoft

windows_11_23h2
windows_10_21h2
windows_11_22h2
windows_10_1809
windows_11_21h2
windows_11_24h2
windows_server_2022_23h2
windows_10_22h2
windows_server_2019

CWE

CWE-125

Out-of-bounds Read

CWE-908

Use of Uninitialized Resource

NVD-CWE-noinfo

{"id": "CVE-2024-43537", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "secure@microsoft.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-10-08T18:15:18.263", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43537", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secure@microsoft.com", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-908"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Windows Mobile Broadband Driver Denial of Service Vulnerability"}, {"lang": "es", "value": "Vulnerabilidad de denegaci\u00f3n de servicio del controlador de banda ancha de Windows Mobile"}], "lastModified": "2024-10-16T21:51:05.800", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "EE205A52-173D-44F2-AAD0-A45F5FF4D603", "versionEndExcluding": "10.0.17763.6414"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "8ED2CAD8-D2E2-4AF5-874A-2938D3C3EA0F", "versionEndExcluding": "10.0.17763.6414"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "D13B5EE1-0F5A-4DD8-9462-18FC0D2A59EE", "versionEndExcluding": "10.0.19044.5011"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "857DFFF9-C926-41C5-96E6-7CD3DD86FDD8", "versionEndExcluding": "10.0.19044.5011"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "73AD21BF-973F-47E2-8831-A8B9DD066D75", "versionEndExcluding": "10.0.19044.5011"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "6DDD519F-4617-4958-A2AA-5E5EC9D6E0E1", "versionEndExcluding": "10.0.19045.5011"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "FD728A6F-4F70-4407-B19C-92DF529793EC", "versionEndExcluding": "10.0.19045.5011"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "11B05B8E-F956-45E2-A735-B3169384178F", "versionEndExcluding": "10.0.19045.5011"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "FE4A4090-29D6-4B44-9B01-858886DAD93D", "versionEndExcluding": "10.0.22000.3260"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "41629AD7-FF9A-4C54-9FFE-800F4C1E719B", "versionEndExcluding": "10.0.22000.3260"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "89687486-E330-4475-9119-0E0AD18F8129", "versionEndExcluding": "10.0.22621.4317"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "0B0F11A8-E14B-4A82-BB09-C4259FC6B0E6", "versionEndExcluding": "10.0.22621.4317"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "FD22B308-7AB1-4820-8B4F-E79C18DB0FF0", "versionEndExcluding": "10.0.22631.4317"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "6D7CF880-E057-4694-8DD2-FF62D41A5BB7", "versionEndExcluding": "10.0.22631.4317"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "A96AD8F2-2C5E-4446-BC52-D166EF8ECEC4", "versionEndExcluding": "10.0.17763.6414"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "EEC9889B-04BF-40B1-A0BD-832582061565", "versionEndExcluding": "10.0.17763.6414"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F003109E-32C0-4044-89D6-2747366E051D", "versionEndExcluding": "10.0.17763.6414"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B68BF1-40C7-45E9-BD3C-8CEE104054E9", "versionEndExcluding": "10.0.25398.1189"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}