CVE-2024-45163

9.1 CRITICAL

Published: August 22, 2024 Modified: March 18, 2026

Description

The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, an attacker can send a recognized username (such as root), or can send arbitrary data.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://cypressthatkid.medium.com/remote-dos-exploit-found-in-mirai-botnet-source-code-27a1aad284f1

Source: cve@mitre.org

https://flowtriq.com/blog/cve-2024-45163-mirai-botnet-kill-switch

Source: cve@mitre.org

https://pastebin.com/6tqHnCva

Source: cve@mitre.org

https://youtu.be/aJkvSr85ML8

Source: cve@mitre.org

4 reference(s) from NVD

Quick Stats

CVSS v3 Score

9.1 / 10.0

EPSS (Exploit Probability)

0.1%

29th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-400

Related CVEs

CVE-2026-4302 7.2

CVE-2026-32899 4.3

CVE-2026-32898 5.4

CVE-2026-32897 3.7

CVE-2026-32896 4.8