CVE-2024-49115: 
vulnerability analysis and mitigation

CVE-2024-49115 is a Remote Code Execution vulnerability affecting Windows Remote Desktop Services. The vulnerability was initially discovered and recorded on October 11, 2024, and was publicly disclosed on December 11, 2024. It affects multiple versions of Microsoft Windows Server, including Server 2016, 2019, 2022, and 2025 (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 8.1 (HIGH) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability is associated with multiple CWE classifications including CWE-362 (Race Condition), CWE-591 (Sensitive Data Storage in Improperly Locked Memory), and CWE-416 (Use After Free) (NVD).

This Remote Code Execution vulnerability in Windows Remote Desktop Services could potentially allow an attacker to execute arbitrary code with high impacts on confidentiality, integrity, and availability of the affected systems. The vulnerability requires no user interaction and can be exploited over the network, though it has high attack complexity (NVD).

Microsoft has released security updates to address this vulnerability. The fixes are available through various KB updates: KB5048671 for Windows Server 2016, KB5048661 for Server 2019, KB5048654 for Server 2022 (21H2 and 22H2), KB5048653 for Server 2022 23H2, and KB5048667 for Server 2025 (Rapid7).