Vulnerability Information Vulnerability ID: CVE-2024-43497 Vulnerability Type: Remote Code Execution Vulnerability Release Date: October 8, 2024 Impact: Remote Code Execution Maximum Severity: Important Weakness: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CVSS Score: CVSS 3.1: 8.4 / 7.3 Vulnerability Description: Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High Vulnerability Details: Description: This vulnerability allows attackers to trigger remote code execution via specific inputs, potentially gaining control over the system. Impact Scope: Affected systems may be subject to unauthorized access and control. Remediation: Recommendation: Affected software should be updated immediately to fix this vulnerability. Patch: Microsoft has released a patch to address this vulnerability. Reference Links: Microsoft Security Response Center Important Note: Ensure timely updates to systems and software to avoid potential security risks.