Microsoft Windows Server 2012
Moderate fix2 remedies
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix2 remedies
Microsoft Windows LDAP Remote Code Execution Vulnerability
Vulnerability
A use-after-free vulnerability has been identified in the Windows LDAP (Lightweight Directory Access Protocol) client. This vulnerability allows an unauthorized attacker to execute code remotely over the network. The issue arises from a race condition that can be exploited by sending specially crafted requests to a vulnerable LDAP server.
Impact
Exploitation of this vulnerability could lead to remote code execution on the affected system.
Reproduction
To reproduce this vulnerability, an unauthorized attacker can send a series of specially crafted requests to a vulnerable LDAP server. The exploitation takes advantage of a race condition, leading to a use-after-free scenario that can be leveraged for remote code execution.
Remediation
Security updates are available for various Windows versions, including Windows 10 (both 32-bit and x64-based systems), Windows Server 2022, and Windows 11 Version 24H2 for x64-based and ARM64-based systems. Users should ensure these updates are installed.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
4.6remediation
7.7relevance
0.0threat
1.6urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.