Windows TCP/IP Remote Code Execution Vulnerability: What You Should Know
CVE-2024-38063 is a critical (CVSS 9.8), zero-click, wormable remote code execution vulnerability in the IPv6 implementation of the Windows TCP/IP stack (tcpip.sys), patched during Micros...
In August 2024, Microsoft's monthly Patch Tuesday release addressed a total of 90 vulnerabilities, nine of which were categorized as zero-days and eight of which were rated critical. Among these, one vulnerability stood out significantly from the rest: CVE-2024-38063, a flaw in the IPv6 implementation of the Windows TCP/IP stack.
What makes this vulnerability especially dangerous is that it is a zero-click, wormable remote code execution vulnerability. An attacker can remotely execute arbitrary code on an affected system without any user interaction whatsoever — no phishing click, no malicious attachment, no social engineering required. Simply having a vulnerable, network-reachable system is enough for an attacker to potentially achieve full system compromise, unauthorized data access, and exposure of sensitive information.
The vulnerability affects any Windows version that supports IPv6 and is still receiving security updates from Microsoft — in practice, this means essentially every currently supported version of Windows, since IPv6 support is built into the modern Windows networking stack and is enabled by default.
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
3 sections- 1 Table of Contents
- 2 Module 1: The Windows TCP/IP IPv6 Remote Code Execution Vulnerability (CVE-2024-38063)
- 3 Summary
More Vulnerability Briefings courses
View all 30Apache Commons Text Vulnerability: What You Should Know
Because the library is freely available, widely trusted, and saves developers from writing boilerplate text-processing code, it has been incorporated into a very large number of Java-base...
Atlassian Vulnerability: What You Should Know
This document covers a group of critical advisories describing a series of Remote Code Execution (RCE) vulnerabilities in Atlassian products. The vulnerabilities span multiple products —...
Authentication Bypass at the Security Edge: What You Should Know
Once all required configuration changes were made, attackers established SSL VPN tunnels to the affected devices using the newly created or hijacked accounts.
Next.js Authentication Bypass Vulnerability: What You Should Know
Next.js is a React-based web development framework created and maintained by Vercel. It is widely used to build fast, scalable, and SEO-friendly web applications.
Breaking! React & Next.js Hit by CVSS 10.0 Bug
Every so often, a vulnerability drops that cuts through the noise — not because of the hype, but because it touches a large part of the modern web stack. CVE-2025-55182 is one of those.
ConnectWise ScreenConnect Vulnerability - What You Should Know
Critical security advisory covering CVE-2024-1709 (CVSS 10.0) and CVE-2024-1708 (CVSS 8.4) — authentication bypass and path traversal vulnerabilities in ConnectWise ScreenConnect.
Interested in this course?
Contact us to book it or get a custom training plan for your team.