- Description
- Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- nvd@nist.gov
- NVD-CWE-noinfo
- secure@microsoft.com
- CWE-122
- Hype score
- Not currently trending
Another demo of CVE-2024-38077(Windows Remote Desktop Licensing Service Pre-auth 0-Click Remote Code Execute) by 78ResearchLab(@78_lab) #CVE_2024_38077 #0_Click_RCE https://t.co/JnqK4f1w7h
@krNeoTra
1 Dec 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windows Remote Desktop Licensing Service Pre-auth RCE (CVE-2024-38077) Analysis https://t.co/bObMB5TIUR
@78_lab
25 Nov 2025
1513 Impressions
8 Retweets
19 Likes
14 Bookmarks
0 Replies
0 Quotes
#BHASIA Briefing "One Bug to Rule Them All: Stably Exploiting a Preauth RCE Vulnerability on Windows Server 2025" will explore the attack surface of the Remote Desktop Licensing Service, focusing on the newly identified vulnerability, CVE-2024-38077, which impacts all versions of
@BlackHatEvents
23 Jan 2025
3418 Impressions
0 Retweets
10 Likes
0 Bookmarks
0 Replies
0 Quotes
S2W has published a threat intelligence report on the #Windows server #vulnerability CVE-2024-38077, which it has been closely monitoring. If you want to learn more about the report, visit us at the link below! https://t.co/5bNmLFm6D8 https://t.co/xuCjz4inl0
@S2W_Official
9 Dec 2024
228 Impressions
0 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59C9A2A5-AE44-4583-A7B1-B8D62B0E83BB",
"versionEndExcluding": "10.0.14393.7159"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3401E6F7-2430-4247-8A22-0B733A03501A",
"versionEndExcluding": "10.0.17763.6054"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E433A09-F730-4EBE-8050-8789755B0D35",
"versionEndExcluding": "10.0.20348.2582"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDA01A4A-9AED-484A-8B10-3282FA13F635",
"versionEndExcluding": "10.0.25398.1009"
}
],
"operator": "OR"
}
]
}
]