Windows Cryptographic Services Remote Code Execution Vulnerability - CVE-2024-30020ID: oval:org.secpod.oval:def:10000150 | Date: (C)2024-05-15 (M)2024-05-23 |
Class: VULNERABILITY | Family: windows |
Windows Cryptographic Services Remote Code Execution Vulnerability. The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack. For successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows Server |