Windows Unauthenticated RCE - IPv6 - CVE-2024-38063

Incident Report for Rapid Response Status Page

Resolved

Dear customers,

Following our latest update regarding CVE-2024-38063, we would like to inform you that Team Axon has created a hunting query for identifying spikes of incoming IPv6 traffic from public IP ranges.
The query is available in Team Axon's GitHub repository at the following URL: https://github.com/axon-git/rapid-response/blob/main/CVE-2024-38063%20-%20Windows%20IPv6%20RCE/Hunting_Query_1.sql

It is worth mentioning that this query is based on the partial information we currently have about the characteristics of this vulnerability. Besides the potential identification of suspicious spikes, this query can help prioritize CVE-2024-38063 patching within your organization's infrastructure.

The team is still tracking the CVE-2024-38063 vulnerability and will publish an update if needed.
If you have any questions, please do not hesitate to reach out to us.

Sincerely,
Team Axon.
Posted Aug 20, 2024 - 08:54 UTC
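
The kind of check the update above describes (spikes of inbound IPv6 traffic from public sources, per host), shown as an added Python example. It is not Team Axon's query, which lives at the linked URL; the flow-record layout, the thresholds and the sample records are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from statistics import median

# Assumption: the sample uses the IPv6 documentation prefix to stand in for
# public sources, so it is counted as public here. Drop DOC_NET on real data.
DOC_NET = ipaddress.ip_network("2001:db8::/32")

# Constructed flow records: (hour bucket, source IP, destination host, packets).
FLOWS = (
    [(h, "2001:db8::10", "WS-01", n) for h, n in enumerate([20, 25, 18, 22, 900])]
    + [(h, "2001:db8::20", "WS-02", n) for h, n in enumerate([10, 12, 11, 13, 12])]
    # Link-local, unique-local and IPv4 sources must not count toward a spike.
    + [(4, src, "WS-02", 5000) for src in ("fe80::1", "fd00::5", "203.0.113.5")]
)

def is_public_ipv6(addr):
    ip = ipaddress.ip_address(addr)
    return ip.version == 6 and (ip.is_global or ip in DOC_NET)

def inbound_public_ipv6(flows):
    """Sum packets from public IPv6 sources per destination host and hour."""
    counts = defaultdict(lambda: defaultdict(int))
    for hour, src, host, packets in flows:
        if is_public_ipv6(src):
            counts[host][hour] += packets
    return counts

def find_spikes(flows, factor=5, min_packets=100, min_history=3):
    """Flag hours whose volume exceeds factor x the median of earlier hours."""
    spikes = []
    for host, per_hour in sorted(inbound_public_ipv6(flows).items()):
        hours = sorted(per_hour)
        for i, hour in enumerate(hours):
            history = [per_hour[h] for h in hours[:i]]
            if len(history) < min_history:
                continue  # not enough baseline to judge this hour
            baseline = median(history)
            volume = per_hour[hour]
            if volume >= min_packets and volume > factor * max(baseline, 1):
                spikes.append((host, hour, volume, baseline))
    return spikes

if __name__ == "__main__":
    for host, hour, volume, baseline in find_spikes(FLOWS):
        print(f"{host}: hour {hour} saw {volume} packets (baseline {baseline})")
```

Hosts that appear in the aggregated counts at all are reachable over IPv6 from public ranges, which makes them natural candidates for early patching.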

Investigating

Team Axon is aware of a new critical RCE flaw (CVE-2024-38063) affecting Windows operating systems. To take advantage of this vulnerability, an unauthenticated attacker can repeatedly send IPv6 packets, including specially crafted ones, to a Windows machine, which could enable remote code execution.

The vulnerability affects a wide range of Windows operating system versions, including new OS versions. To mitigate the risk, it is crucial to install the relevant security patch as soon as possible. Detailed patch information can be found here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

It is worth mentioning that:
- According to Microsoft, systems are not affected if IPv6 is disabled on the target machine.
- At the moment there are no indications of active exploitation in the wild. However, due to the characteristics of this vulnerability, it is very likely that a proof of concept will be released. Hence, quick installation of the relevant security updates is highly recommended.

Please don’t hesitate to contact us for further assistance or any relevant questions.

Sincerely,
Team Axon
Posted Aug 16, 2024 - 09:14 UTC
This incident affected: Rapid Response.