Platform: windows
Component: windows-hyper-v
Fixed in: 10.0.17763.5820, 10.0.20348.2461, 10.0.25398.887, 10.0.14393.6981, 6.2.9200.24868, 6.3.9600.21972
CVE-2024-30010 is a Remote Code Execution (RCE) vulnerability affecting Microsoft Hyper-V. This flaw allows an authenticated attacker to execute arbitrary code on the Hyper-V host system. The vulnerability impacts Windows versions 10 and later, specifically those versions prior to 10.0.25398.887. Microsoft has released a security update to address this issue.
Successful exploitation of CVE-2024-30010 grants an attacker the ability to execute arbitrary code within the Hyper-V host's context. This means they could install malware, steal sensitive data, modify system configurations, or even gain persistent access to the system. Given Hyper-V's role in virtualization, this vulnerability poses a significant risk to environments hosting multiple virtual machines. An attacker could potentially pivot from a compromised VM to the host, gaining control over all VMs running on that host. The blast radius extends to any data or services hosted within the affected Hyper-V environment, making this a high-priority vulnerability to address.
CVE-2024-30010 was publicly disclosed on May 14, 2024. Its severity is rated HIGH with a CVSS score of 8.8. While no public exploits have been released as of this writing, the RCE nature of the vulnerability and its impact on a critical system component (Hyper-V) suggest a high probability of exploitation. It is not currently listed on the CISA KEV catalog, but this could change. Monitor security advisories and threat intelligence feeds for updates.
Organizations heavily reliant on Hyper-V for virtualized workloads are at significant risk. This includes businesses using Hyper-V to host critical applications, development environments, or test servers. Environments with older, unpatched Windows versions are particularly vulnerable. Shared hosting providers utilizing Hyper-V also face increased exposure.
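• windows / supply-chain:
  # Event ID 4688 = process creation; keep only events whose message mentions Hyper-V
  Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4688} | Where-Object { $_.Message -like '*Hyper-V*' }
• windows / supply-chain:
  # Show the on-disk path of the named process
  Get-Process -Name HyperVHostProcess | Select-Object -ExpandProperty Path
• windows / supply-chain:
  # List scheduled tasks whose name contains HyperV
  Get-ScheduledTask | Where-Object {$_.TaskName -like '*HyperV*'}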
EPSS: 10.40% (93rd percentile)
The primary mitigation for CVE-2024-30010 is to upgrade to Windows Hyper-V version 10.0.25398.887 or later. If immediate patching is not possible due to compatibility concerns or testing requirements, consider implementing network segmentation to isolate Hyper-V hosts from untrusted networks. Review and restrict access to Hyper-V management interfaces, enforcing strong authentication and multi-factor authentication where possible. Monitor Hyper-V event logs for suspicious activity, particularly related to network connections and process execution. After the upgrade, confirm that the Hyper-V version is 10.0.25398.887 or higher by running: systeminfo | findstr /B /C:"OS Name" /C:"OS Version"
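The version check described above, written as an added example (not code from this page or from Microsoft) that compares a host build against the "Fixed in" list. The function names Test-FixedBuild and Get-HostBuild are hypothetical. It assumes each fixed build applies only to its own branch (major.minor.build) and that any later revision in that branch contains the fix.

```powershell
# Fixed builds copied from the "Fixed in" list on this page.
$FixedIn = '10.0.17763.5820', '10.0.20348.2461', '10.0.25398.887',
           '10.0.14393.6981', '6.2.9200.24868', '6.3.9600.21972'

function Test-FixedBuild {
    param(
        [Parameter(Mandatory)][string]$HostBuild,   # e.g. 10.0.20348.2402
        [string[]]$FixedBuilds = $FixedIn
    )
    $hostVer = [version]$HostBuild
    foreach ($f in $FixedBuilds) {
        $fix = [version]$f
        # Revisions are only comparable inside one branch, so match
        # major.minor.build first and compare the revision afterwards.
        if ($fix.Major -eq $hostVer.Major -and
            $fix.Minor -eq $hostVer.Minor -and
            $fix.Build -eq $hostVer.Build) {
            if ($hostVer.Revision -ge $fix.Revision) { return 'Patched' }
            return "Vulnerable (needs $f or later)"
        }
    }
    # Branch is not in the page's list: do not guess either way.
    return 'Unknown (branch not in fixed list)'
}

function Get-HostBuild {
    # Assumption: Windows 10 / Server 2016 or later, where the UBR
    # registry value holds the revision that systeminfo does not print.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    if ($null -eq $cv.UBR) {
        throw 'UBR value not present; check the installed update list instead.'
    }
    '{0}.{1}.{2}.{3}' -f $cv.CurrentMajorVersionNumber,
        $cv.CurrentMinorVersionNumber, $cv.CurrentBuildNumber, $cv.UBR
}

# Constructed sample builds (not taken from the page), one per outcome.
'10.0.20348.2402', '10.0.17763.5830', '10.0.22631.3593' | ForEach-Object {
    '{0,-18} {1}' -f $_, (Test-FixedBuild -HostBuild $_)
}

# On a live host: Test-FixedBuild -HostBuild (Get-HostBuild)
```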
Apply the security updates provided by Microsoft for Windows Server 2019. See the Microsoft security bulletin for CVE-2024-30010 for more details and specific update instructions.
CVE-2024-30010 is a Remote Code Execution vulnerability in Microsoft Hyper-V allowing attackers to execute code on the host system. It has a HIGH severity rating (CVSS: 8.8).
You are affected if you are running Windows Hyper-V versions prior to 10.0.25398.887. Check your system's version and apply the necessary update.
Upgrade to Windows version 10.0.25398.887 or later. This update addresses the RCE vulnerability and prevents exploitation.
There is currently no confirmed active exploitation of CVE-2024-30010 in the wild, but its RCE nature makes it a likely target for attackers.
Refer to the Microsoft Security Update Guide for CVE-2024-30010: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30010