September 5, 2024 By Efosa Udinmwen
(Image credit: Shutterstock / song_about_summer)
A new critical cybersecurity threat has been discovered by CYFIRMA Research, involving a severe remote code execution (RCE) vulnerability identified as CVE-2024-30078.
This flaw affects the Wi-Fi drivers in multiple versions of Microsoft Windows, posing a potential risk to over 1.6 billion active devices worldwide.
The vulnerability could allow malicious actors within the Wi-Fi range to execute unauthorized code on affected systems.
How the exploit works
CVE-2024-30078 affects multiple versions of the Microsoft Windows operating system, including Windows 10, Windows 11, and several versions of Windows Server. The flaw resides in the Dot11Translate80211ToEthernetNdisPacket() function within the native Wi-Fi driver (nwifi.sys).
The exploitation of CVE-2024-30078 has been reported in the wild in the United States, China, and parts of Europe. It poses significant risks to industries heavily reliant on Wi-Fi and extensive Windows deployments, including healthcare, finance, manufacturing, government, and technology.