CVE-2024-49106: 
vulnerability analysis and mitigation

CVE-2024-49106 is a Remote Code Execution vulnerability affecting Windows Remote Desktop Services. The vulnerability was discovered and reported to Microsoft, with the initial CVE record being created on October 11, 2024. The affected systems include multiple versions of Windows Server, including Server 2016, 2019, 2022, and 2025 (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 8.1 (HIGH) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability is associated with multiple CWE classifications including CWE-362 (Race Condition), CWE-416 (Use After Free), and CWE-591 (Sensitive Data Storage in Improperly Locked Memory) (NVD).

This Remote Code Execution vulnerability in Windows Remote Desktop Services could potentially allow attackers to execute arbitrary code on affected systems, with high impacts on confidentiality, integrity, and availability of the affected systems (Microsoft Advisory).

Microsoft has released security updates to address this vulnerability. The fixes are available through various KB updates including KB5048671 for Windows Server 2016, KB5048661 for Server 2019, KB5048654 for Server 2022, KB5048653 for Server 2022 23H2, and KB5048667 for Server 2025 (Rapid7).