CVE-2024-38077: Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service
CVE-2024-38077 is a critical vulnerability in the Windows Remote Desktop Licensing Service, which allows remote attackers to execute arbitrary code on vulnerable systems. This vulnerability is due to a heap overflow in the service when processing specific inputs. Exploiting this flaw could lead to full system compromise, allowing attackers to take control without requiring authentication.
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows 10/11 with Remote Desktop Licensing installed
Attackers can exploit this vulnerability by sending specially crafted messages to the affected service, triggering a heap overflow that leads to remote code execution (RCE). This makes it particularly dangerous, as the attacker could potentially run arbitrary code with system-level privileges.
Microsoft has addressed this issue in their latest security patch. Users are strongly encouraged to update their systems immediately to prevent exploitation.
This repository includes a PoC that demonstrates how the vulnerability can be triggered. Note: For educational purposes only.