Remote Procedure Call Runtime Remote Code Execution Vulnerability - CVE-2024-20678ID: oval:org.secpod.oval:def:98843 | Date: (C)2024-04-11 (M)2024-04-17 |
Class: VULNERABILITY | Family: windows |
Remote Procedure Call Runtime Remote Code Execution Vulnerability. Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges. To exploit this vulnerability, an authenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows Server |