Remote code execution in Microsoft WDAC OLE DB provider for SQL Server



Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-43519
CWE-ID CWE-197
Exploitation vector Network
Public exploit N/A
Vulnerable software
Windows
Operating systems & Components / Operating system

Windows Server
Operating systems & Components / Operating system

Vendor Microsoft

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Numeric Truncation Error

EUVDB-ID: #VU98265

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-43519

CWE-ID: CWE-197 - Numeric Truncation Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to numeric truncation error in Microsoft WDAC OLE DB provider for SQL Server. A remote attacker can trick a victim to connect to a malicious SQL database and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: before 10 21H2 10.0.19044.5011, 10 22H2 10.0.19045.5011, 10 1507 10.0.10240.20796, 10 1607 10.0.14393.7428, 10 1809 10.0.17763.6414, 11 21H2 10.0.22000.3260, 11 22H2 10.0.22621.4317, 11 23H2 10.0.22631.4317, 11 24H2 10.0.26100.2033, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011, 10 21H2 10.0.19044.5011

Windows Server: before 2008 R2 6.1.7601.27366, 2008 6.0.6003.22918, 2012 R2 6.3.9600.22221, 2012 6.2.9200.25118, 2022 10.0.20348.2762, 2022 23H2 10.0.25398.1189, 2008 R2 6.1.7601.27366, 2008 R2 6.1.7601.27366

CPE2.3 External links

http://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43519


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###