Critical remote code execution vulnerability discovered in Microsoft Windows Wi-Fi drivers

When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

The vulnerability could allow malicious actors within theWi-Fi rangeto execute unauthorized code on affected systems.

The flaw resides in the Dot11Translate80211ToEthernetNdisPacket() function within the native Wi-Fi driver (nwifi.sys).

Instead, attackers can send specially crafted connection packets to devices within their Wi-Fi range to gain unauthorized access.

This vulnerability involves a flaw in the Link Layer Control (LLC) component of the internet stack.

This flaw is related to how packet lengths are handled when Virtual LAN (VLAN) is used.

One of the most alarming consequences is the potential formalwareinstallation.

Attackers could remotely deploy various types of malicious software, includingransomwareand spyware, onto compromised systems.

Moreover, once a system is compromised, attackers could engage in lateral movement within the connection.

Data exfiltration is also a critical concern associated with CVE-2024-30078.

There are multiple ways to minimize the risk posed by CVE-2024-30078.