CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-30078

High Severity
Microsoft
SVRS
40/100
CVSSv3
NA/10
EPSS
0.13002/1

CVE-2024-30078 is a remote code execution vulnerability in the Windows Wi-Fi Driver. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on a target system. While the CVSS score is 0, indicating a base severity, the SOCRadar Vulnerability Risk Score (SVRS) is 40. This score suggests a moderate level of risk, which should be carefully considered, and the active exploits enhance the significance of the threat. The presence of "In The Wild" and "Exploit Available" tags indicates that this vulnerability is actively being exploited and that the attack vectors are publicly accessible. Given the potential for remote code execution, patching this vulnerability is crucial to prevent unauthorized system access and control, so it is important to monitor and watch for an increase in SVRS.

TAGS
In The Wild
Exploit Avaliable
VECTOR STRING
PUBLICATION DATE2024-06-11
LAST MODIFIED2024-06-21
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-30078 is a remote code execution vulnerability in the Windows Wi-Fi driver. This vulnerability allows an attacker to execute arbitrary code on a target system by sending a specially crafted packet to the vulnerable system. The CVSS score for this vulnerability is 8.8, indicating a high severity level. However, the SOCRadar Vulnerability Risk Score (SVRS) for this vulnerability is only 36, indicating a moderate risk level. This discrepancy is due to the fact that the SVRS takes into account additional factors, such as social media activity, news reports, and dark web data, which indicate that this vulnerability is not currently being actively exploited.

Key Insights

  • This vulnerability is a remote code execution vulnerability, which means that it can be exploited without the attacker having to have any local access to the target system.
  • This vulnerability affects all versions of Windows.
  • Microsoft has released a patch for this vulnerability.

Mitigation Strategies

  • Apply the patch released by Microsoft.
  • Disable the Wi-Fi adapter on affected systems.
  • Use a firewall to block traffic from untrusted sources.

Additional Information

  • There are no known threat actors or APT groups that are actively exploiting this vulnerability.
  • There are no active exploits that have been published for this vulnerability.
  • The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning about this vulnerability.
  • This vulnerability is not currently being exploited in the wild.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
zgimszhd61/CVE-2024-30078-POC_WIFIhttps://github.com/zgimszhd61/CVE-2024-30078-POC_WIFI2024-11-04
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Microsoft Patchday Juni 2024 - CVE-2024-30080, CVE-2024-30078
CERT.at2025-04-01
Microsoft Patchday Juni 2024 - CVE-2024-30080, CVE-2024-30078 | Im Rahmen des aktuellen Patchday hat Microsoft Patches für 58 Sicherheitslücken veröffentlicht. Aus der Liste stechen zwei Schwachstellen besonders hervor: CVE-2024-30080, eine Remote Code Execution in Microsoft Message Queuing (MSMQ) CVE-2024-30078, eine Remote Code Execution in "Windows Wi-Fi Driver" Im Rahmen unserer Arbeit weisen
cve-2024-30080
cve-2024-30078
windows
server
The June 2024 Security Update Review
Dustin Childs2024-06-11
The June 2024 Security Update Review | Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for June 2024For June, Adobe released
zerodayinitiative.com
rss
forum
news
Tageszusammenfassung - 13.06.2024
CERT.at2024-06-13
Tageszusammenfassung - 13.06.2024 | End-of-Day report Timeframe: Mittwoch 12-06-2024 18:00 - Donnerstag 13-06-2024 18:00 Handler: Alexander Riepl Co-Handler: Michael Schlagenhaufer News Microsoft Patchday Juni 2024 - CVE-2024-30080, CVE-2024-30078 Im Rahmen des aktuellen Patchday hat Microsoft Patches für 58 Sicherheitslücken veröffentlicht. Aus der Liste stechen zwei Schwachstellen besonders hervor: CVE-2024-30080, eine Remote Code Execution in Microsoft Message Queuing (MSMQ) [..] CVE-2024-30078, eine Remote Code Execution in "Windows Wi-Fi Driver". <
cve-2024-4358
cve-2024-5908
cve-2024-5906
cve-2024-30080
Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms
Maine Basan2024-06-24
Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms | Major platforms performed recent fixes to address critical vulnerabilities. Patch your systems now. The post Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms appeared first on eSecurity Planet.In last week’s vulnerability news, major companies performed recent patches to resolve critical vulnerabilities across various software and hardware platforms. Microsoft addressed a remote code execution issue. ASUS fixed authentication bypass
cve-2024-22243
cve-2024-37081
cve-2024-22259
cve-2024-22257
Latest Windows update patches critical Wi-Fi vulnerability
2024-06-21
Latest Windows update patches critical Wi-Fi vulnerability | Windows updates don&rsquo;t just exist to annoy you and make you reboot your computer twice as often as you normally would. They often include some actually important stuff. This week&rsquo;s update has a critical patch for a known Wi-Fi vulnerability, which Microsoft rates as an 8.8 out of 10 in terms
cve-2024-30078
cve-2024-30080
cve-2023-50868
domains
Data Breaches Digest - Week 25 2024
Dunkie ([email protected])2024-06-17
Data Breaches Digest - Week 25 2024 | Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 17th June and 23rd June 2024. 20th June <br
cve-2024-37080
cve-2024-30078
cve-2024-37079
domains
How do I prioritize vulnerabilities?
/u/Legitimate_Sun_59302024-06-20
How do I prioritize vulnerabilities? | I'm a soc analyst. First soc job. It's also a brand new soc so we don't really have established procedures yet. One thing I'm wondering about is vulnerabilities. Over the weekend I saw blogs about the windows wifi driver vulnerability. Cve-2024-30078 I looked in our end point manager and it's reporting 824 assets are missing the patch. <
cve-2024-30078
domains
urls
cves

Social Media

Proactively Managing High-Risk Vulnerabilities with TruRisk Mitigate™ https://t.co/529yhqjAAS In late 2024, organizations faced over 65 million detections from three critical vulnerabilities—CVE-2013-2900, CVE-2024-38122, and CVE-2024-30078—underscoring the urgent need for pr…
0
0
0
For our second technical post, we have an analysis of a Windows RCE vulnerability in the Wi-Fi driver (CVE-2024-30078), which includes a detailed root cause analysis and exploitation constraints. Enjoy :) https://t.co/llaW6l6TlC
0
0
4
Some final notes on CVE-2024-30078 (wifi RCE) exploitability. If you haven't already done so, I recommend you first take a look at my previous thread on the subject. 🧵 https://t.co/ioto4SjeiA
1
0
1
@stilic_dev @WoofStang @Pirat_Nation @massgravel also, maybe plan for patch tuesday, we got a few spicy weeks (especially CVE-2024-30078) recently with patches you really don't want to forget installing.
0
0
1
@TWiT @SGgrc @leolaporte @kaspersky @Google Mr. Gibson is incorrect in his analysis of CVE-2024-30078 - someone still has to connect to the same network as the attacker --- translate and see https://t.co/gBiBrgG7lY This is not a wormable 10 flaw
0
0
1
There’s a Windows security flaw that lets hackers infect your PC over wifi. It’s possible if hackers are on the same wifi and physically near you, even if you don’t click any links or open a pdf. Makes using public wifi more dangerous. CVE-2024-30078
0
0
0
#SymLink: 208a Sesión de Tesos en Wi-Fi: WLPC CDMX, WiFi Sensor, CVE-2024-30078, Cisco 9800, Aruba Atmosphere @Ferney_Munoz @ArubaNetworks @Ferney_Munoz #ArubaAtmosphere #TFDx #HPEDiscover #Video #Español https://t.co/tX34W2nISq
0
1
1
🚨 Important update for #Windows10 &amp; #Windows11 users! Microsoft has released a crucial security patch for CVE-2024-30078. Update now to protect your device from hackers, especially on public Wi-Fi! 🔒 #CyberSecurity #UpdateNow https://t.co/fUSSr1uyF2 https://t.co/3IjKY2Tv1U
0
0
0
Link: 208a Sesión De Tesos en Wi-Fi: WLPC CDMX, WiFi Sensor, CVE-2024-30078, Cisco 9800, Aruba Atmosphere @ArubaNetworks @Ferney_Munoz #ArubaAtmosphere #TFDx #HPEDiscover #Video #Español https://t.co/1T6sVuuWky
0
0
0
did we ever work out what was the deal with the windows wifi bug CVE-2024-30078? I got too much on my plate rn to look at it but it sounds so juicy :(
1
0
3

Affected Software

Configuration 1
TypeVendorProduct
OSMicrosoftwindows_10_1507
OSMicrosoftwindows_10_1809
OSMicrosoftwindows_10_1607
OSMicrosoftwindows_10_21h2
OSMicrosoftwindows_11_21h2
OSMicrosoftwindows_server_2022
OSMicrosoftwindows_11_22h2
OSMicrosoftwindows_10_22h2
OSMicrosoftwindows_server_2022_23h2
OSMicrosoftwindows_server_2019
OSMicrosoftwindows_11_23h2
OSMicrosoftwindows_server_2016
OSMicrosoftwindows_server_2008
OSMicrosoftwindows_server_2012

References

ReferenceLink
[email protected]https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078

CWE Details

CWE IDCWE NameDescription
CWE-20Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence