LDAP Nightmare CVE-2024-49113
Summary
SafeBreach Labs developed a proof of concept exploit for CVE-2024-49113 that crashes any unpatched Windows Server (not just DCs) with no pre-requisites except that the DNS server of the victim DC has Internet connectivity.
The attack flow:
...
news.fmisec.com15 min read