CVE-2024-1243 – Wazuh Agent for Windows UNC Path Manipulation Vulnerability

June 11, 2025

CVE ID : CVE-2024-1243

Published : June 11, 2025, 2:15 a.m. | 3 hours, 36 minutes ago

Description : Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for remote code execution or used to escalate privileges to SYSTEM via AD CS certificate forging and other similar attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-1244 – OSSEC HIDS Windows UNC Path Configuration Vulnerability

Next Article Sums is a postfix calculator designed for quick calculations

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2024-1243 – Wazuh Agent for Windows UNC Path Manipulation Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Paragon Spyware used to Spy on European Journalists

CVE-2025-20223 – Cisco Catalyst Center HTTP Request Access Control Bypass

New generative media models and tools, built with and for creators

Atomic Design, Tokens, AI and the Future of Design Systems – Experience Designed Podcast

Your Apple MacBook is getting a free upgrade – here are the best MacOS 26 features

How to use Lottie animations

CVE-2025-5664 – FreeFloat FTP Server Buffer Overflow Vulnerability

CVE-2025-48931 – TeleMessage MD5 Password Hashing Weakness

DeepMind’s latest research at ICLR 2023

CVE-2024-1243 – Wazuh Agent for Windows UNC Path Manipulation Vulnerability

Related Posts