Microsoft: CredSSP Remote Code Execution Vulnerability


A remote code execution vulnerability exists in the Credential Security Support Provider protocol (CredSSP). An attacker who successfully exploited this vulnerability could relay user credentials and use them to execute code on the target system.

affected-products-logoAffected Applications

Windows 10
Windows 7
Windows 8
Windows RT 8.1
Windows Server 2008
Windows Server 2012
Windows Server 2016
Windows Server version 1709 (Server Core Installation)
Windows Server version 1803 (Server Core Installation)

Telemetry logoTelemetry

CVE References