Critical LDAP Vulnerabilities Found in Active Directory
/ 1 min read
🔒🖥️ Critical LDAP Vulnerabilities Discovered in Active Directory Domain Controllers. SafeBreach Labs has identified two severe vulnerabilities in Active Directory Domain Controllers (DCs), CVE-2024-49112 and CVE-2024-49113, which could lead to remote code execution and denial of service, respectively. The vulnerabilities were disclosed on December 10, 2024, with CVE-2024-49113 receiving a CVSS score of 9.8. SafeBreach Labs developed a proof of concept that demonstrates how an attacker can exploit these vulnerabilities to crash unpatched Windows servers. The research emphasizes the urgency of applying Microsoft’s patch to mitigate these risks, as the flaws could significantly compromise network security. Organizations are advised to monitor for suspicious activity related to these vulnerabilities until they can implement the necessary updates.
