Skip to main content

Critical remote code execution vulnerability discovered in Microsoft Windows Wi-Fi drivers

  • 5 September 2024
  • 0 replies
  • 2 views

Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

September 5, 2024 By Efosa Udinmwen 
 

A cybersecurity icon projecting from a laptop screen.

(Image credit: Shutterstock / song_about_summer)

 

A new critical cybersecurity threat has been discovered by CYFIRMA Research, involving a severe remote code execution (RCE) vulnerability identified as CVE-2024-30078.

This flaw affects the Wi-Fi drivers in multiple versions of Microsoft Windows, posing a potential risk to over 1.6 billion active devices worldwide.

The vulnerability could allow malicious actors within the Wi-Fi range to execute unauthorized code on affected systems.

How the exploit works

CVE-2024-30078 affects multiple versions of the Microsoft Windows operating system, including Windows 10Windows 11, and several versions of Windows Server. The flaw resides in the Dot11Translate80211ToEthernetNdisPacket() function within the native Wi-Fi driver (nwifi.sys).

The exploitation of CVE-2024-30078 has been reported in the wild in the United States, China, and parts of Europe. It poses significant risks to industries heavily reliant on Wi-Fi and extensive Windows deployments, including healthcare, finance, manufacturing, government, and technology.

 

>>Full Article<<

0 replies

Be the first to reply!

Reply