
Microsoft Configuration Manager SQL injection RCE (CVE-2024-43468, actively exploited)

Vulnerability
Happening score: 36
1 unique source, 1 article

Summary


CVE-2024-43468 in Microsoft Configuration Manager (ConfigMgr/SCCM) is now actively exploited, turning a patched SQL injection flaw into a real risk for management servers and site databases. The bug can let an unauthenticated attacker execute code and run arbitrary commands with the highest privileges on the target environment. Microsoft patched the issue in October 2024, and Synacktiv later published proof-of-concept code, widening abuse potential. CISA has ordered FCEB agencies to remediate by March 5th under BOD 22-01.

Related Happenings

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...

CISA KEV listing and FCEB firewall directive for CVE-2026-0300

Public Sector Action
First: 07.05.2026 13:57 Last: 07.05.2026 13:57 Sources 1

About this happening: **CISA** added **CVE-2026-0300** to the **KEV Catalog** and ordered **FCEB agencies** to secure vulnerable firewalls by **May 9, 2026**. The federal directive makes the exploited...

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

cPanel CVE-2026-41940 mitigation guidance

Advisory/Mitigation
First: 30.04.2026 14:40 Last: 30.04.2026 14:40 Sources 1

About this happening: cPanel issued mitigation guidance for **CVE-2026-41940** after fixes became available for **cPanel, WHM, and WP Squared**, urging customers to restart **cpsrvd** to reduce exposur...

CISA KEV order for BlueHammer patching

Public Sector Action
First: 23.04.2026 14:05 Last: 23.04.2026 14:05 Sources 1

About this happening: **CISA** ordered **Federal Civilian Executive Branch agencies** to patch **Windows** systems against **CVE-2026-33825** within **two weeks** after adding the flaw to the **KEV Cat...

Timeline

  1. 13.02.2026 14:35 · 1 article

    Synacktiv publishes proof-of-concept for CVE-2024-43468

    Technical Analysis Update

    Synacktiv shared proof-of-concept exploitation code for CVE-2024-43468, demonstrating how the Microsoft Configuration Manager SQL injection flaw could be used for code execution and arbitrary command execution with the highest privileges on the server or site database.

  2. 13.02.2026 14:35 · 2 articles

    CISA orders FCEB patching for actively exploited CVE-2024-43468

    Legal Policy Action Update

    CISA flagged CVE-2024-43468 as actively exploited in the wild, ordered Federal Civilian Executive Branch agencies to patch by March 5 under Binding Operational Directive 22-01, and urged other defenders to apply vendor mitigations or discontinue use if mitigations are unavailable.
