| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2024-26221 | Windows DNS Server Remote Code Execution Vulnerability | Windows Server | Important | 23-04-2024 |
Technical Information
A privileged attacker with the query access to the DNS may perform network based attack and if the timing of DNS queries is perfect, attacker may be able to execute code remotely on the target server.
Patch release date: Apr 09, 2024
Further information on this vulnerability is available at : CVE-2024-26221
All the mentioned vulnerabilities are reported in the same windows DNS server and may have similar impact.
CVE-2024-26222:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26222
CVE-2024-26223:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26223
CVE-2024-26224:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26224
CVE-2024-26227:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26227
CVE-2024-26231:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26231
CVE-2024-26233:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26233
Affected Software
Windows Server 2019,Windows Server 2019 (Server Core installation),
Windows Server 2022,
Windows Server 2022 (Server Core installation),
Windows Server 2022, 23H2 Edition (Server Core installation),
Windows Server 2016,
Windows Server 2016 (Server Core installation)