CVE-2024-43468
Published Oct 8, 2024
Last updated 3 months ago
AI description
CVE-2024-43468 is a SQL injection vulnerability affecting Microsoft Configuration Manager (SCCM). It allows an unauthenticated attacker with network access to a Management Point to execute arbitrary SQL queries on the site database. The vulnerability stems from the lack of proper sanitization of externally influenced input when constructing SQL commands. Successful exploitation grants the attacker unauthorized access to the SQL server database with the same privileges as the SCCM process, potentially leading to remote code execution, malware deployment, credential theft, and lateral movement within the network.
- Description: Microsoft Configuration Manager Remote Code Execution Vulnerability
- Source: secure@microsoft.com
- NVD status: Analyzed
- Products: configuration_manager_2403, configuration_manager_2409, configuration_manager_2503
CVSS 3.1
- Type: Secondary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: Microsoft Configuration Manager SQL Injection Vulnerability
- Exploit added on: Feb 12, 2026
- Exploit action due: Mar 5, 2026
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-89
- Hype score: Not currently trending
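The October monthly security updates include a fix for Microsoft Configuration Manager. No exploitation has been observed at this time, but because the vulnerability can be exploited remotely without authentication, patching early is recommended: [CVE-2024-43468] About the high-severity vulnerability in Configuration Manager https://t.co/QzCbknyyhC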
@EurekaBerry
951 Impressions
2 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortra’s Tyler Reguly is featured in Forbes discussing the critical CVE-2024-43468 vulnerability. He warns that mitigating this vulnerability is far from simple. https://t.co/Dnyhff3wTC #PatchTuesday https://t.co/YJU3J5sKvA
@fortraofficial
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Security Alert: SQL Injection Vulnerability in Microsoft Configuration Manager (CVE-2024-43468) Microsoft Configuration Manager has a SQL injection vulnerability (CWE-89) that allows an unauthenticated attacker to execute commands on the server or bas
@CiberPlanetaOrg
16 Mar 2026
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
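[Microsoft Configuration Manager (CVE-2024-43468) exploited in the wild: SQLi in the management platform risks company-wide compromise] The SQL injection vulnerability CVE-2024-43468 in Microsoft Configuration Manager is being exploited in real attacks. This flaw, unauthenticated,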
@01ra66it
10 Mar 2026
324 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
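[Microsoft Configuration Manager (CVE-2024-43468) KEV: SQLi in the management platform leads directly to "control of every endpoint"] The SQL injection in Microsoft Configuration Manager (CVE-2024-43468) has been treated as a KEV, and active exploitation is assessed to be under way.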
@01ra66it
7 Mar 2026
354 Impressions
1 Retweet
1 Like
0 Bookmarks
1 Reply
0 Quotes
Top 10 CVEs for ecosystem (30 days). CVE-2010-5139 CVE-2004-0200 CVE-2008-0015 CVE-2024-43468 CVE-2025-40551 CVE-2018-17144 CVE-2025-11953 CVE-2026-2441 CVE-2026-1731 https://t.co/cWlQJaYf4S #CyberInsights #SecurityUpdate #CyberTrends #TechSecurity #CyberNews #DataProtection
@vulnsocial
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA ALERT: Microsoft SCCM under active attack CVE-2024-43468 (CVSS 9.8) = unauthenticated SQL injection → full RCE If you manage Windows endpoints, SCCM is your "keys to the kingdom" Federal deadline: March 5, 2026 #InfoSec #Microsoft #CISA
@CisoMarketplace
21 Feb 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🤡 Irony Alert: Your patch management needs a patch. CISA confirmed Microsoft SCCM (Configuration Manager) is being actively exploited (CVE-2024-43468). The tool you use to secure the network is now the hole in the network. Patch it or lose the domain. #SCCM #SysAdmin #Cyber
@CyberVeep
19 Feb 2026
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The @CISAgov added 4 exploited bugs to KEV: SolarWinds WHD (CVE-2025-40536, 9.8), MS ConfigMgr SQLi→RCE (CVE-2024-43468, 9.8), Apple (CVE-2026-20700), Notepad++ (CVE-2025-15556). Patch fast. #cybersecurity #CISO #infosec #ITsecurity https://t.co/zHY8g3q1Ph
@SCMagazine
18 Feb 2026
265 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 #Microsoft Configuration Manager, SQL Injection, #CVE-2024-43468 (Critical) https://t.co/3fkLA1vNbh
@dailycve
18 Feb 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of Actively Exploited SQL Injection Flaw in Microsoft Configuration Manager Tracked as CVE-2024-43468, the vulnerability enables remote attackers to execute arbitrary commands on affected servers and underlying databases through specially crafted requests, stemming
@johndjohnson
17 Feb 2026
72 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
The @CISAgov added 4 exploited bugs to KEV: SolarWinds WHD (CVE-2025-40536, 9.8), MS ConfigMgr SQLi→RCE (CVE-2024-43468, 9.8), Apple (CVE-2026-20700), Notepad++ (CVE-2025-15556). Patch fast. #cybersecurity #CISO #infosec #ITsecurity https://t.co/zHY8g3q1Ph
@SCMagazine
16 Feb 2026
1410 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft Critical CISA Alert: Active Exploitation of CVE-2024-43468 in Configuration Manager. https://t.co/KOzpBdCCRP
@NicolasCoolman
16 Feb 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
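[Link roundup: security news and articles for February 13-16] <Vulnerabilities> ・US CISA warns that a critical vulnerability in Microsoft SCCM has been exploited in attacks (CVE-2024-43468) https://t.co/unx176xFkL ・Chrome 145 fixes 11 vulnerabilities (CVE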
@MachinaRecord
16 Feb 2026
229 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨 CVE-2024-43468: Microsoft Configuration Manager ... Critical SQL injection in ConfigMgr grants unauthenticated attackers remote code execution with SYSTEM privileges acros... https://t.co/qfHczHDvOv #netsec #vulnerability #CVE #sysadmin #zeroday
@0dayPublishing
15 Feb 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The @CISAgov added 4 exploited bugs to KEV: SolarWinds WHD (CVE-2025-40536, 9.8), MS ConfigMgr SQLi→RCE (CVE-2024-43468, 9.8), Apple (CVE-2026-20700), Notepad++ (CVE-2025-15556). Patch fast. #cybersecurity #CISO #infosec #ITsecurity https://t.co/zHY8g3q1Ph
@SCMagazine
15 Feb 2026
369 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA just added CVE-2024-43468 (Microsoft SCCM/ConfigMgr) to the Known Exploited Vulnerabilities (KEV) list — meaning it’s being used in real attacks. If you run on‑prem, patch SCCM now: unauthenticated SQL injection https://t.co/oxzOFzICDU https://t.co/mBrBf9dxht
@nxtgen579255
15 Feb 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The @CISAgov added 4 exploited bugs to KEV: SolarWinds WHD (CVE-2025-40536, 9.8), MS ConfigMgr SQLi→RCE (CVE-2024-43468, 9.8), Apple (CVE-2026-20700), Notepad++ (CVE-2025-15556). Patch fast. #cybersecurity #CISO #infosec #ITsecurity https://t.co/zHY8g3q1Ph
@SCMagazine
14 Feb 2026
309 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA alerts on critical SQL injection vulnerability in Microsoft Configuration Manager (CVE-2024-43468). Immediate patching required to prevent active exploits. Link: https://t.co/bPgrMh6j0M #CISA #Vulnerability #Security #Patch #Exploits #SQL #Manager #Microsoft #Update #Alert h
@dailytechonx
14 Feb 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
If you use Microsoft's SCCM service for managing systems and patch management, go and patch the new vulnerability that has been published for this service. This vulnerability has
@EthicalSafe
14 Feb 2026
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA flags critical Microsoft SCCM SQL injection flaw (CVE-2024-43468) allowing remote code execution, exploited in attacks. U.S. federal agencies must patch by March 5 under BOD 22-01. #MicrosoftSCCM #USGov #Vulnerability https://t.co/NAhiIQM2Py
@TweetThreatNews
14 Feb 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks https://t.co/8U6x3RsveX CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw
@f1tym1
14 Feb 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Flags Actively Exploited SCCM SQL Injection (CVE-2024-43468) — Patch by Mar 5 CISA added CVE-2024-43468 to the KEV catalog after in-the-wild exploitation: unauthenticated attackers can send crafted HTTP requests to SCCM/ConfigMgr console services to trigger SQL inject
@ThreatSynop
14 Feb 2026
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
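An article reporting that the Microsoft SCCM SQL injection vulnerability CVE-2024-43468 (CVSS 9.8) has been added to CISA's KEV catalog. Although it was fixed in October 2024, actual exploitation has been confirmed, so unpatched environments need attention. https://t.co/kSIos0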
@dejital_secure
14 Feb 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers finally get around to exploiting critical Microsoft bug CVE-2024-43468 from 2024 -- https://t.co/zUnIQM1vZc
@AndreGironda
13 Feb 2026
363 Impressions
1 Retweet
6 Likes
1 Bookmark
0 Replies
0 Quotes
US CISA has added a vulnerability with confirmed exploitation (#KEV) to its catalog. (Added 2/12) 🛡️No.1515 CVE-2024-43468 Microsoft Configuration Manager SQL Injection Vulnerability ============= CVSS score: 9.8 (Base) / Microsoft Corporation CVSS:3.1/AV:N/AC
@piyokango
13 Feb 2026
2785 Impressions
0 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA flags exploited SQLi in Microsoft Configuration Manager (CVE-2024-43468) — patch by March 5 CISA added CVE-2024-43468 (CVSS 9.8) to KEV after in-the-wild exploitation, warning the unauthenticated SQL injection can enable arbitrary command execution against ConfigMgr
@ThreatSynop
13 Feb 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA adds 4 actively exploited bugs to KEV: ConfigMgr SQLi, Notepad++ updater, SolarWinds WHD bypass, Apple dyld zero-day CISA added four exploited vulnerabilities to the KEV catalog—CVE-2024-43468 (Microsoft Configuration Manager SQL injection), CVE-2025-15556 (Notepad++
@ThreatSynop
13 Feb 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA adds four known vulnerabilities to its catalog https://t.co/IcMspqhS2E CVE-2024-43468 Microsoft Configuration Manager SQL injection vulnerability CVE-2025-15556 Notepad++ download of code without integrity check vulnerability
@cybersecnews_jp
12 Feb 2026
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
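The US Cybersecurity and Infrastructure Security Agency (CISA) has added four entries to its Known Exploited Vulnerabilities catalog. CVE-2024-43468 in Microsoft Configuration Manager, CVE-2025-15556 in Notepad++, CVE-2025-40536 in SolarWinds Web Help Desk, multiple Apple products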
@__kokumoto
12 Feb 2026
841 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-43468 #Microsoft Configuration Manager SQL Injection Vulnerability https://t.co/BJYmfMgw1F
@ScyScan
12 Feb 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Microsoft vulnerability CVE-2024-43468, Notepad++ vulnerability CVE-2025-15556, SolarWinds vulnerability CVE 2025-40536, & Apple vulnerability CVE-2026-20700 to our KEV Catalog. Apply mitigations to protect your org from cyberattacks. https://t.co/myxOwap1Tf
@CISACyber
12 Feb 2026
6154 Impressions
33 Retweets
84 Likes
6 Bookmarks
1 Reply
3 Quotes
Our ninja @kalimer0x00 is now on stage at #x33fcon to talk about his journey from dissecting SCCM until the discovery of the critical CVE-2024-43468 and the post-exploitation opportunities🔥 https://t.co/ZslLOBNyX7
@Synacktiv
13 Jun 2025
4885 Impressions
22 Retweets
88 Likes
23 Bookmarks
1 Reply
0 Quotes
Got SCCM? You need to hear this! At #x33fcon, @kalimer0x00 will share insights from his SCCM research, including tradecraft from real-world attacks and a critical unauthenticated SQL injection discovery (CVE-2024-43468). Essential for anyone managing or defending SCCM! Learn htt
@x33fcon
2 Jun 2025
1363 Impressions
6 Retweets
14 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-43468: Critical vulnerability in SCCM allows remote code execution! #ALERT https://t.co/QXEeyk8SRH
@tpx_Security
9 Feb 2025
153 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 RCE in #Microsoft #ConfigMgr (CVE-2024-43468)! Unauthenticated attackers could execute commands via SQL injection in MP_Location service. Public exploits are on GitHub, no wild exploitation yet. ➡️ https://t.co/PUQqgBw62U https://t.co/UhUTxepqW3
@leonov_av
4 Feb 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Configuration Manager vulnerability CVE-2024-43468 (CVSS 9.8): PoC code published https://t.co/J5qM17Dkbg A PoC has been released for a critical vulnerability in Microsoft Configuration Manager (MCM). October 2024 Patch Tuesday… https://t.co/084lFI6eCZ
@iototsecnews
3 Feb 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚫 CVE-2024-43468 : Microsoft Configuration Manager Remote Code Execution Vulnerability 🔥PoC:https://t.co/CPEiGIS1JA 📌Dorks HUNTER :https://t.co/G5LwnS1fm6="Microsoft Configuration Manager Remote Control service" ▶️Refer:https://t.co/Dzs3rkmIPV https://t.co/lpdKssQ89R
@HackingTeam777
29 Jan 2025
274 Impressions
1 Retweet
2 Likes
2 Bookmarks
0 Replies
0 Quotes
A critical SQL injection vulnerability (CVE-2024-43468) in Microsoft Configuration Manager could allow unauthenticated attacks to execute arbitrary commands. Patches released—urgent implementation needed! 🚨 #Microsoft #SQLInjection link: https://t.co/Qd3yIo1WOl https://t.co/0vR
@TweetThreatNews
27 Jan 2025
39 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-23006 2 - CVE-2024-50050 3 - CVE-2024-43468 4 - CVE-2025-0282 5 - CVE-2025-21298 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
27 Jan 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CVE-2024-43468: PoC for a critical exploit in Microsoft Configuration Manager (CVSS 9.8) comes to light! https://t.co/PrL7Cx0sUK
@tpx_Security
26 Jan 2025
157 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-49138 2 - CVE-2024-43468 3 - CVE-2024-50050 4 - CVE-2025-20156 5 - CVE-2020-11023 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Jan 2025
167 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-43468 (CVSS 9.8): Microsoft Configuration Manager exploit revealed with PC code https://t.co/2Eeiw8zSyV
@freedomhack101
25 Jan 2025
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2024-43468 (CVSS 9.8): Microsoft Configuration Manager Exploit Revealed with CVE-2024-43468 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/2QYaq5Xuud #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
25 Jan 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43468 (CVSS 9.8): Microsoft Configuration Manager Exploit Revealed with PoC Code https://t.co/Hy5eLQmQnv
@Dinosn
24 Jan 2025
7508 Impressions
53 Retweets
181 Likes
52 Bookmarks
0 Replies
1 Quote
CVE-2024-43468 (CVSS 9.8): Microsoft Configuration Manager Exploit Revealed with PoC Code https://t.co/S6CV1y9606
@samilaiho
24 Jan 2025
12418 Impressions
30 Retweets
80 Likes
48 Bookmarks
3 Replies
2 Quotes
🚨Alert🚨 CVE-2024-43468 : Microsoft Configuration Manager Remote Code Execution Vulnerability 🔥PoC:https://t.co/R6ZpalKYVL 📊 37K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/3AN7iywcLG 👇Query HUNTER :https://t.co/q9rtuGfZuz="Microsoft…
@HunterMapping
24 Jan 2025
3354 Impressions
24 Retweets
62 Likes
26 Bookmarks
0 Replies
0 Quotes
Microsoft Configuration Manager Vulnerability Allows Remote Code Execution – PoC Released https://t.co/40LCSKMsLg A critical vulnerability, CVE-2024-43468, has been identified in Microsoft Configuration Manager (ConfigMgr), posing a severe security risk to organizations relyin…
@f1tym1
20 Jan 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468) https://t.co/8OtnesDd9A
@Dinosn
17 Jan 2025
2077 Impressions
2 Retweets
7 Likes
4 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2025-0282: Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE - https://t.co/IGCw9K0YEM 2. CVE-2024-43468: MS Configuration Manager (ConfigMgr/SCCM) 2403 Unauthenticated SQLi - https://t.co/TCEXzMaR5B
@ksg93rd
17 Jan 2025
216 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:configuration_manager_2403:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "AA84B441-EDC4-4871-AB6D-CDD3C638F5D0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:microsoft:configuration_manager_2409:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3832F552-1DE3-49A3-8B2B-C75C0D404279",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:microsoft:configuration_manager_2503:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F476484B-C570-4389-A9D1-B6AE2B1C11F9",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]