CVE-2024-43479

FAQ

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H) and availability (A:H). What does that mean for this vulnerability?

The attacker can execute arbitrary Desktop Flows scripts in the target user session by registering the machine to their own malicious Entra tenant, extracting the user's Sid, and creating a malicious AD domain with the same Sid. This allows them to mint valid Entra ID tokens that the attacked machine will trust to run desktop automation in the session of the user with the matching Sid.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An attacker who successfully exploited this vulnerability could remotely execute arbitrary Desktop Flows script in an active open Windows session of the target user.

How do I get the updated app?

See Troubleshoot desktop flow action failures for update information.

How can I check if the update is installed?

Refer to the following table for the fixed build version that addresses this vulnerability.