Detections
Analytics
CVE-2024-43451
medium
Description
NTLM Hash Disclosure Spoofing Vulnerability
From the Tenable Blog
Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)
Published: 2024-11-12
Microsoft addresses 87 CVEs and one advisory (ADV240001) in its November 2024 Patch Tuesday release, with four critical vulnerabilities and four zero-day vulnerabilities, including two that were exploited in the wild.
References
https://thehackernews.com/2025/04/cve-2025-24054-under-active.html
https://www.darkreading.com/cyberattacks-data-breaches/multiple-group-exploiting-ntlm-flaw
https://research.checkpoint.com/2025/cve-2025-24054-ntlm-exploit-in-the-wild/
https://www.securityweek.com/1600-victims-hit-by-south-american-apts-malware/
https://thehackernews.com/2025/03/blind-eagle-hacks-colombian.html
https://www.darkreading.com/cyberattacks-data-breaches/apt-blind-eagle-targets-colombian-government
https://research.checkpoint.com/2025/blind-eagle-and-justice-for-all/
https://www.helpnetsecurity.com/2024/11/14/cve-2024-43451-exploited/
https://thehackernews.com/2024/11/russian-hackers-exploit-new-ntlm-flaw.html
https://www.clearskysec.com/0d-vulnerability-exploited-in-the_wild/
https://securityaffairs.com/170851/hacking/microsoft-patch-tuesday-november-2024.html
https://www.helpnetsecurity.com/2024/11/12/cve-2024-43451-cve-2024-49039/
https://www.darkreading.com/cloud-security/2-zero-day-bugs-microsoft-nov-update-active-exploit