Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Configuration Manager SQL injection RCE (CVE-2024-43468, actively exploited)

Vulnerability
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

CVE-2024-43468 in Microsoft Configuration Manager (ConfigMgr/SCCM) is now actively exploited, turning a patched SQL injection flaw into a real risk for management servers and site databases. The bug can let an unauthenticated attacker execute code and run arbitrary commands with the highest privileges on the target environment. Microsoft patched the issue in October 2024, and Synacktiv later published proof-of-concept code, widening abuse potential. CISA has ordered FCEB agencies to remediate by March 5th under BOD 22-01.

Related Happenings

CISA KEV remediation order for CVE-2026-48907

Public Sector Action
H score89 First: 17.06.2026 08:50 Last: 17.06.2026 08:50 Sources 1

About this happening: CISA added **CVE-2026-48907** to the **KEV catalog** and ordered **FCEB agencies** to apply fixes by **June 19, 2026**, forcing federal remediation of an **actively exploited** Jo...

CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies

Public Sector Action
H score27 First: 10.06.2026 15:00 Last: 10.06.2026 15:00 Sources 1

About this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...

CISA orders federal patching of Oracle WebLogic CVE-2024-21182

Public Sector Action
H score53 First: 02.06.2026 15:40 Last: 02.06.2026 15:40 Sources 1

About this happening: CISA ordered **federal agencies** to patch **Oracle WebLogic Server** against **CVE-2024-21182** by **June 4**, creating an immediate remediation deadline for affected government...

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
H score70 First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...

CISA KEV listing and FCEB firewall directive for CVE-2026-0300

Public Sector Action
H score64 First: 07.05.2026 13:57 Last: 07.05.2026 13:57 Sources 1

About this happening: **CISA** added **CVE-2026-0300** to the **KEV Catalog** and ordered **FCEB agencies** to secure vulnerable firewalls by **May 9, 2026**. The federal directive makes the exploited...

Timeline

  1. 13.02.2026 14:35 1 articles · 4mo ago

    Synacktiv publishes proof-of-concept for CVE-2024-43468

    Technical Analysis Update

    Synacktiv shared proof-of-concept exploitation code for CVE-2024-43468, demonstrating how the Microsoft Configuration Manager SQL injection flaw could be used for code execution and arbitrary command execution with the highest privileges on the server or site database.

    Show sources
  2. 13.02.2026 14:35 2 articles · 4mo ago

    CISA orders FCEB patching for actively exploited CVE-2024-43468

    Legal Policy Action Update

    CISA flagged CVE-2024-43468 as actively exploited in the wild, ordered Federal Civilian Executive Branch agencies to patch by March 5 under Binding Operational Directive 22-01, and urged other defenders to apply vendor mitigations or discontinue use if mitigations are unavailable.

    Show sources