CISA has ordered U.S. federal agencies to secure their systems against a critical Microsoft Configuration Manager vulnerability (CVE-2024-43468). Microsoft patched the flaw in October 2024; proof-of-concept exploit code surfaced the following month, and CISA has now added the bug to its Known Exploited Vulnerabilities catalog, stating it is being actively exploited. Under BOD 22-01, Federal Civilian Executive Branch (FCEB) agencies must patch by March 5, 2025, and CISA urges all organizations to apply the vendor's fix immediately. #CVE-2024-43468 #MicrosoftConfigurationManager
Keypoints
- CVE-2024-43468 is a SQL injection in Microsoft Configuration Manager (CVSS 9.8): an unauthenticated attacker can send specially crafted requests that are processed unsafely, allowing command execution on the server and/or the underlying site database.
- Synacktiv reported the bug and published proof-of-concept exploit code on November 26, 2024.
- Microsoft released a patch in October 2024 and initially assessed exploitation as less likely.
- CISA added the vulnerability to its Known Exploited Vulnerabilities catalog as actively exploited and ordered FCEB agencies to patch by March 5, 2025, under BOD 22-01.
- CISA urges all network defenders to apply vendor mitigations, follow BOD guidance for cloud services, or discontinue the product if mitigations are unavailable.