Information stealer masquerades as ldapnightmare (cve-2024-49113) poc exploit

Intel Name: Information stealer masquerades as ldapnightmare (cve-2024-49113) poc exploit

Date of Scan: January 10, 2025

Impact: Medium

Summary:
In December 2024, two critical vulnerabilities in Microsoft’s Windows LDAP were addressed, including CVE-2024-49113, a denial-of-service (DoS) vulnerability. A fake proof-of-concept (PoC) exploit for CVE-2024-49113, known as LDAPNightmare, has been used to lure security researchers into downloading and executing information-stealing malware. While using PoC lures for malware delivery is not new, this attack is concerning due to its exploitation of a widely impactful issue, increasing the risk of a larger number of victims.

More Details