CVE-2024-43468

critical

Description

Microsoft Configuration Manager Remote Code Execution Vulnerability

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468

https://www.theregister.com/2026/02/13/critical_microsoft_bug_from_2024/

https://thehackernews.com/2026/02/researchers-observe-in-wild.html

https://securityaffairs.com/187937/security/u-s-cisa-adds-solarwinds-web-help-desk-notepad-microsoft-configuration-manager-and-apple-devices-flaws-to-its-known-exploited-vulnerabilities-catalog.html

https://www.cisa.gov/news-events/alerts/2026/02/12/cisa-adds-four-known-exploited-vulnerabilities-catalog

https://www.tenable.com/blog/microsoft-october-2024-patch-tuesday-addresses-117-cves-cve-2024-43572-cve-2024-43573

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43468

Details

Source: Mitre, NVD

Published: 2024-10-08

Updated: 2026-02-13

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.87457