Severity Level: Critical
Title:
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Summary:
CVE-2024-49113 was titled as “Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability”. LDAP is the protocol that workstations and servers in Microsoft’s Active Directory use to access and maintain directory services information. The title of the vulnerability means that the vulnerability probably has something to do with LDAP-related code. On MSRC’s page for the CVE, Microsoft provided a few details, but on the RCE vulnerability there was additional interesting data
Recommendations:
Applying the mitigations will decrease the risk of an attacker successfully convincing or tricking a victim into connecting to a malicious server.
References:
click here