CVE-2024-43572
Microsoft Windows Management Console Remote Code Execution Vulnerability - [Actively Exploited]
Description
Microsoft Management Console Remote Code Execution Vulnerability
INFO
Published Date :
Oct. 8, 2024, 6:15 p.m.
Last Modified :
Oct. 21, 2025, 11:16 p.m.
Remotely Exploit :
No
Source :
[email protected]
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://msrc.microsoft.com/update-guide/advisory/CVE-2024-43572 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43572
Affected Products
                                            The following products are affected by CVE-2024-43572
                                            vulnerability.
                                            Even if cvefeed.io is aware of the exact versions of the
                                            products
                                            that
                                            are
                                            affected, the information is not represented in the table below.
                                        
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source | 
|---|---|---|---|---|---|---|
| CVSS 3.1 | HIGH | [email protected] | 
Solution
- Apply the appropriate security update for your Windows version.
- Reboot the system if required.
Public PoC/Exploit Available at Github
                                            CVE-2024-43572 has a 1 public
                                            PoC/Exploit available at Github.
                                            Go to the Public Exploits tab to see the list.
                                        
References to Advisories, Solutions, and Tools
                                            Here, you will find a curated list of external links that provide in-depth
                                            information, practical solutions, and valuable tools related to
                                            CVE-2024-43572.
                                        
| URL | Resource | 
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572 | Patch Vendor Advisory | 
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43572 | 
CWE - Common Weakness Enumeration
            While CVE identifies
            specific instances of vulnerabilities, CWE categorizes the common flaws or
            weaknesses that can lead to vulnerabilities. CVE-2024-43572 is
            associated with the following CWEs:
        
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
            (CAPEC)
            stores attack patterns, which are descriptions of the common attributes and
            approaches employed by adversaries to exploit the CVE-2024-43572
            weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Official writeups for Hack The Box University CTF 2024
Python Shell
Results are limited to the first 15 repositories due to potential performance issues.
			The following list is the news that have been mention
			CVE-2024-43572 vulnerability anywhere in the article.
		
 
									- 
                                                            
                                                                Proofpoint 
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One
June 04, 2025 Nick Attfield and Konstantin Klinger in collaboration with Threatray’s Abdallah Elshinbary and Jonas Wagner This is a two-part blog series, detailing research undertaken in collaboration ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Critical Vulnerability (CVE-2025-31498) Patched in c-ares DNS Library
The Domain Name System (DNS) plays a pivotal role, translating human-friendly domain names into the numerical IP addresses that computers understand. And at the heart of many applications facilitating ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning after adding two newly discovered Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, co ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE
In a deep dive published by Guy Bruneau, Senior Security Consultant and former network engineer, the lingering dangers of a years-old Cisco vulnerability—CVE-2018-0171—are laid bare with fresh insight ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Critical SSRF Vulnerability Patched in LNbits Lightning Wallet Server
LNbits, the modular and extendable Lightning Network wallet server, has patched a critical Server-Side Request Forgery (SSRF) vulnerability that exposed internal services to potential exploitation via ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
High-Severity XXE Vulnerability Found in NAKIVO Backup & Replication
A high-severity security vulnerability has been identified in NAKIVO Backup & Replication, a popular data protection solution. The vulnerability, classified as an XML External Entity (XXE) issue and t ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Critical Vulnerabilities: CISA Alerts to Windows CLFS and Gladinet CentreStack Threats
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) added two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the urgency for users to apply ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Windows CLFS Zero-Day Exploited to Deploy Ransomware
Microsoft Threat Intelligence has disclosed active exploitation of a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The exploit, used in the wild, enab ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Siemens Security Alert: Critical Vulnerabilities in SENTRON 7KT PAC1260 Data Manager
In a recent security advisory, Siemens ProductCERT has revealed multiple critical vulnerabilities affecting the SENTRON 7KT PAC1260 Data Manager. The advisory, published on April 8, 2025, warns that t ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Kibana Code Injection Vulnerability: Prototype Pollution Threat (CVE-2024-12556)
A newly disclosed vulnerability in Kibana, the popular open-source data visualization front-end for Elasticsearch, has been rated CVSS 8.7 due to its potential to allow remote code injection under spe ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Chrome Update Fixes High-Severity “Use After Free” Vulnerability
The Chrome Stable channel has been updated to version 135.0.7049.84/.85 for Windows and Mac, and to 135.0.7049.84 for Linux. This update will be rolling out to users over the coming days and weeks. Th ... Read more
 
									- 
                                                            
                                                                Daily CyberSecurity 
Microsoft April 2025 Patch Tuesday: Critical Security Updates and Zero-Day Exploits
This April, Microsoft’s Patch Tuesday release addresses a significant number of vulnerabilities, highlighting the ever-present need for robust cybersecurity practices. The tech giant rolled out fixes ... Read more
 
									- 
                                                            
                                                                Kaspersky 
Exploits and vulnerabilities in Q4 2024
Q4 2024 saw fewer published exploits for Windows and Linux compared to the first three quarters. Although the number of registered vulnerabilities continued to rise, the total number of Proof of Conce ... Read more
 
									- 
                                                            
                                                                The Hacker News 
New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer
Endpoint Security / Vulnerability Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR St ... Read more
 
									- 
                                                            
                                                                Cyber Security News 
Rhadamanthys Infostealer Exploiting Microsoft Management Console to Execute Malicious Script
Researchers uncovered an ongoing campaign distributing the Rhadamanthys Infostealer through malicious Microsoft Management Console (MMC) files (.MSC), leveraging both a patched DLL vulnerability and l ... Read more
 
									- 
                                                            
                                                                TheCyberThrone 
Microsoft Patch Tuesday Year 2024 Analysis
In 2024, Microsoft’s Patch Tuesday updates played a critical role in addressing security vulnerabilities across various platforms. Throughout the year, a total of 1,000+ vulnerabilities were patched, ... Read more
 
									- 
                                                            
                                                                Help Net Security 
November 2024 Patch Tuesday forecast: New servers arrive early
Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near t ... Read more
 
									- 
                                                            
                                                                Cybersecurity News 
CISA Expands KEV Catalog with Four Actively Exploited Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an updated advisory regarding four security vulnerabilities actively exploited in the wild. These vulnerabilities, now included i ... Read more
 
									- 
                                                            
                                                                Cybersecurity News 
Cybercriminals Exploit DocuSign API to Send Convincing Phishing Invoices at Scale
Use of DocuSign's official templates, complete with legitimate branding | Image: WallarmIn a sophisticated twist on phishing, cybercriminals are now leveraging DocuSign’s API to send fraudulent invoic ... Read more
 
									- 
                                                            
                                                                Cybersecurity News 
PythonRatLoader: The Malware Loader That’s Turning Phishing Into a Multi-Stage Attack
Attack Flow | Image: CofenseA recent report by Adam Martin and Kian Buckley Maher from the Cofense Phishing Defense Center (PDC) has revealed a sophisticated malware loader, PythonRatLoader, that is b ... Read more
                The following table lists the changes that have been made to the
                CVE-2024-43572 vulnerability over time.
            
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- 
                            CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0Oct. 21, 2025 Action Type Old Value New Value Added Reference https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43572 
- 
                            CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0Oct. 21, 2025 Action Type Old Value New Value Removed Reference https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43572 
- 
                            CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0Oct. 21, 2025 Action Type Old Value New Value Added Reference https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43572 
- 
                            Reanalysis by [email protected]Oct. 25, 2024 Action Type Old Value New Value Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.6414 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.6414 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.6414 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.2762 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22000.3260 *cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22000.3260 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5011 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.4317 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.4317 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5011 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_22h3:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.4317 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.4317 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.25398.1189 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.2033 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.2033 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20796 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20796 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7428 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7428 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7428 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.22918 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.22918 *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:* versions up to (excluding) 6.0.6003.22918 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:* versions up to (excluding) 6.0.6003.22918 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* versions up to (excluding) 6.2.9200.25118 Removed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:* versions up to (excluding) 6.3.9600.22221 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20796 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20796 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7428 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7428 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.6414 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.22000.3260 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.22621.4317 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.4317 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.4317 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.26100.2033 *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x32:* *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7428 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.6414 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348..2762 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1189 
- 
                            Initial Analysis by [email protected]Oct. 10, 2024 Action Type Old Value New Value Changed Reference Type https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572 No Types Assigned https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572 Patch, Vendor Advisory Added CWE NIST NVD-CWE-noinfo Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.6414 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.6414 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.6414 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.2762 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22000.3260 *cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22000.3260 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5011 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5011 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.4317 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.4317 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5011 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5011 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_22h3:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.4317 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.4317 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.25398.1189 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.2033 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.2033 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20796 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20796 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7428 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7428 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7428 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.22918 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.22918 *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:* versions up to (excluding) 6.0.6003.22918 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:* versions up to (excluding) 6.0.6003.22918 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* versions up to (excluding) 6.2.9200.25118 Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:* versions up to (excluding) 6.3.9600.22221 
- 
                            CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725Oct. 09, 2024 Action Type Old Value New Value Added Due Date 2024-10-29 Added Vulnerability Name Microsoft Windows Management Console Remote Code Execution Vulnerability Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Date Added 2024-10-08 
- 
                            CVE Received by [email protected]Oct. 08, 2024 Action Type Old Value New Value Added Description Microsoft Management Console Remote Code Execution Vulnerability Added Reference Microsoft Corporation https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572 [No types assigned] Added CWE Microsoft Corporation CWE-707 Added CVSS V3.1 Microsoft Corporation AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 
 
                         
                         
                         
                                             
                                            