Security researcher Mehdi Elyassa from Synacktiv published the technical details and a proof-of-concept (PoC) exploit code for a critical vulnerability in Microsoft Configuration Manager (MCM), tracked as CVE-2024-43468, with a CVSS score of 9.8. This flaw allows unauthenticated attackers to exploit SQL injection vulnerabilities, enabling the execution of arbitrary commands on servers and their underlying databases.
