{"uuid": "e850046f-6c69-4994-867e-9a7abbd08a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/5692", "content": "\ud83d\udd14Call and Register \u2014 Relay Attack on WinReg RPC Client\n\nA critical vulnerability (CVE-2024-43532) has been identified in Microsoft\u2019s Remote Registry client. This flaw allows attackers to exploit insecure fallback mechanisms in the WinReg client, enabling them to relay authentication details and make unauthorized certificate requests through Active Directory Certificate Services (ADCS).\n\n\ud83d\udd17 Research:\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\n\ud83d\udd17 RPC Visibility Tool:\nhttps://github.com/akamai/akamai-security-research/tree/main/rpc_toolkit/rpc_visibility\n\n\ud83d\udd17 PoC: \nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#ad #adcs #rpc #ntlm #relay #etw #advapi", "creation_timestamp": "2024-10-26T07:01:58.000000Z"}