CVE-2024-20696

🗓️ 09 Jan 2024 17:56:52Reported by microsoftType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 237 Views

Windows Libarchive Remote Code Execution Vulnerabilit

Reporter	Title	Published	Views	Family All 118
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	8 Aug 202417:29	–	ibm
AlpineLinux	CVE-2024-20696	9 Jan 202417:56	–	alpinelinux
Circl	CVE-2024-20696	9 Jan 202420:16	–	circl
CNNVD	Microsoft Windows Libarchive Security Vulnerability	9 Jan 202400:00	–	cnnvd
Cvelist	CVE-2024-20696 Windows libarchive Remote Code Execution Vulnerability	9 Jan 202417:56	–	cvelist
Debian	[SECURITY] [DLA 3950-1] libarchive security update	11 Nov 202421:52	–	debian
Debian	[SECURITY] [DSA 5806-1] libarchive security update	9 Nov 202408:49	–	debian
Debian CVE	CVE-2024-20696	9 Jan 202417:56	–	debiancve
Tenable Nessus	Debian dla-3950 : libarchive-dev - security update	12 Nov 202400:00	–	nessus
Tenable Nessus	Debian dsa-5806 : libarchive-dev - security update	9 Nov 202400:00	–	nessus

NVD

Vulners

CNA

Node

microsoft windows_10_1809Range<10.0.17763.5329

microsoft windows_10_21h2Range<10.0.19044.3930

microsoft windows_10_22h2Range<10.0.19045.3930

microsoft windows_11_21h2Range<10.0.22000.2713

microsoft windows_11_22h2Range<10.0.22621.3007

microsoft windows_11_23h2Range<10.0.22631.3007

microsoft windows_server_2019Range<10.0.17763.5329

microsoft windows_server_2022Range<10.0.20348.2227

microsoft windows_server_2022_23h2Range<10.0.25398.643

[
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1809",
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.17763.0",
        "lessThan": "10.0.17763.5329",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1809",
    "platforms": [
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.17763.5329",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2019",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.17763.0",
        "lessThan": "10.0.17763.5329",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2019 (Server Core installation)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.17763.0",
        "lessThan": "10.0.17763.5329",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2022",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.20348.0",
        "lessThan": "10.0.20348.2227",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 21H2",
    "platforms": [
      "x64-based Systems",
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.22000.2713",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 21H2",
    "platforms": [
      "32-bit Systems",
      "ARM64-based Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.19043.0",
        "lessThan": "10.0.19044.3930",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H2",
    "platforms": [
      "ARM64-based Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.22621.0",
        "lessThan": "10.0.22621.3007",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 22H2",
    "platforms": [
      "x64-based Systems",
      "ARM64-based Systems",
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "10.0.19045.0",
        "lessThan": "10.0.19045.3930",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H3",
    "platforms": [
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.22631.0",
        "lessThan": "10.0.22631.3007",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 Version 23H2",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.22631.0",
        "lessThan": "10.0.22631.3007",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.25398.0",
        "lessThan": "10.0.25398.643",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696
github	www.github.com/clearbluejar/CVE-2024-20696
clearbluejar	www.clearbluejar.github.io/posts/patch-tuesday-diffing-cve-2024-20696-windows-libarchive-rce/
lists	www.lists.debian.org/debian-lts-announce/2024/11/msg00007.html

03 Nov 2025 22:16Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.3

EPSS0.07709

SSVC

CWE-122