Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-38063 PoC — Microsoft Windows TCP/IP component 数字错误漏洞

Source
https://github.com/ThemeHackers/CVE-2024-38063
Associated Vulnerability
Title:Microsoft Windows TCP/IP component 数字错误漏洞 (CVE-2024-38063)
Description:Microsoft Windows tcp/ip是美国微软(Microsoft)公司的一个 Windows 的 Tcp/Ip 支持服务。 Microsoft Windows TCP/IP component存在数字错误漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 f
Description
CVE-2024-38063 is a critical security vulnerability in the Windows TCP/IP stack that allows for remote code execution (RCE)
Readme
# CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerability

## Overview

**CVE-2024-38063** is a critical security vulnerability in the Windows TCP/IP stack that allows for remote code execution (RCE). The vulnerability is due to improper handling of IPv6 network packets by Windows, which can be exploited by an attacker to execute arbitrary code on a vulnerable system.

- **CVE ID**: CVE-2024-38063
- **CVSS Score**: 9.8 (Critical)
- **Impact**: Remote Code Execution
- **Affected Components**: Windows TCP/IP stack
- **Exploitation Vector**: Network (Remote)

## Vulnerability Details

An attacker can exploit CVE-2024-38063 by sending specially crafted IPv6 packets to a target machine. Due to the improper handling of these packets, the attacker can trigger a buffer overflow, leading to the execution of malicious code with escalated privileges. This can result in unauthorized access, data breaches, or complete system compromise.

## Affected Versions

This vulnerability affects all supported versions of Windows, including:

- Windows 10
- Windows 11
- Windows Server 2016, 2019, and 2022 (including Server Core installations)

## Mitigation and Patching

Microsoft has released security patches to address this vulnerability as part of the August 2024 Patch Tuesday. It is strongly recommended to apply these patches immediately to protect your systems.

### Mitigation Steps

- **Disable IPv6**: If IPv6 is not required in your environment, consider disabling it to reduce the attack surface.
- **Apply Security Updates**: Ensure that all systems are updated with the latest security patches from Microsoft.

## How to Apply the Patch

1. **Windows Update**: Go to `Settings > Update & Security > Windows Update` and check for updates.
2. **WSUS**: Use Windows Server Update Services (WSUS) to deploy updates across your network.
3. **Manual Installation**: Download the patches from the [Microsoft Update Catalog](https://www.catalog.update.microsoft.com/) and install them manually.

## References

- [Microsoft Security Advisory for CVE-2024-38063](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063)
- [Tenable Security Response Team - August 2024 Patch Tuesday](https://www.tenable.com/blog/microsoft-august-2024-patch-tuesday)
- [CVE Details and Mitigation](https://www.cve.news/cve-2024-38063/)

## Disclaimer

This document is provided for informational purposes only and does not constitute any legal obligation or warranty. Please refer to the official Microsoft documentation and advisory for comprehensive guidance.
File Snapshot

 [4.0K]  /data/pocs/a175492c7fc51d2013f8a2752286863c4b356d25
├── [2.2K]  CVE-2024-38063.py
├── [1.0K]  LICENSE
└── [2.5K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.