Platform
windows
Component
windows-hyper-v
Fixed in
10.0.17763.5820
10.0.17763.5820
10.0.20348.2461
10.0.25398.887
10.0.14393.6981
10.0.14393.6981
6.2.9200.24868
6.2.9200.24868
6.3.9600.21972
6.3.9600.21972
CVE-2024-30010 is a Remote Code Execution (RCE) vulnerability affecting Microsoft Hyper-V. This flaw allows an authenticated attacker to execute arbitrary code on the Hyper-V host system. The vulnerability impacts Windows versions 10 and later, specifically those versions prior to 10.0.25398.887. Microsoft has released a security update to address this issue.
Successful exploitation of CVE-2024-30010 could allow an attacker to gain complete control over the Hyper-V host. This includes the ability to install malware, steal sensitive data, and potentially pivot to other systems within the network. Given Hyper-V's role in virtualization, this vulnerability presents a significant risk, as a compromised host could expose multiple virtual machines and their associated data. The impact is amplified in environments where Hyper-V is used to host critical infrastructure or sensitive applications. A successful attack could lead to data breaches, denial of service, and significant reputational damage.
CVE-2024-30010 was publicly disclosed on May 14, 2024. The vulnerability's complexity suggests it may require specialized knowledge to exploit, but the potential impact warrants immediate attention. There is currently no indication of active exploitation in the wild, but given the RCE nature of the vulnerability, it is likely to become a target for attackers. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
10.40% (93% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-30010 is to upgrade to Windows version 10.0.25398.887 or later. If immediate patching is not possible, consider implementing network segmentation to limit the potential blast radius of a successful attack. Review Hyper-V configuration settings to ensure least privilege principles are enforced. Monitor Hyper-V event logs for suspicious activity, particularly related to network connections and process creation. While a WAF is unlikely to directly mitigate this vulnerability, it can help detect and block malicious traffic attempting to exploit it.
Apply the security updates provided by Microsoft for Windows Server 2019. See the Microsoft security bulletin CVE-2024-30010 for more details and specific update instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-30010 is a Remote Code Execution vulnerability in Microsoft Hyper-V allowing attackers to execute code on the host system. It has a HIGH severity rating (CVSS: 8.8).
You are affected if you are running Windows Hyper-V versions prior to 10.0.25398.887. Check your system's version and apply the necessary update.
Upgrade to Windows version 10.0.25398.887 or later. This update addresses the RCE vulnerability and prevents exploitation.
There is currently no confirmed active exploitation of CVE-2024-30010 in the wild, but its RCE nature makes it a likely target for attackers.
Refer to the Microsoft Security Update Guide for CVE-2024-30010: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30010
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.