CVE-2024-1243

Sažetak

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for remote code execution or used to escalate privileges to SYSTEM via AD CS certificate forging and other similar attacks.

Reference

https://github.com/wazuh/wazuh/security/advisories/GHSA-3crh-39qv-fxj7
https://pentraze.com/
https://pentraze.com/vulnerability-reports/CVE-2024-1243/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

11-06-2025 - 02:15

Objavljeno

11-06-2025 - 02:15