CVE-2024-35270: CWE-400: Uncontrolled Resource Consumption in Microsoft Windows 10 Version 1809
Windows iSCSI Service Denial of Service Vulnerability
AI Analysis
Technical Summary
CVE-2024-35270 is a vulnerability identified in the Microsoft Windows 10 Version 1809 iSCSI service, categorized under CWE-400 (uncontrolled resource consumption). The iSCSI service provides block-level access to storage devices over IP networks and is commonly used in enterprise storage area networks (SANs). The vulnerability allows a remote attacker to send specially crafted network packets to the iSCSI service, causing it to consume excessive system resources such as memory or CPU cycles. The result is a denial of service (DoS) condition in which the affected system becomes unresponsive or crashes, impacting availability. The CVSS 3.1 base score is 5.3 (medium severity); the vector indicates adjacent-network access (AV:A), high attack complexity (AC:H), no privileges required (PR:N), and no user interaction (UI:N). The scope remains unchanged (S:U), and the impact is limited to availability (A:H) without affecting confidentiality or integrity. No public exploits have been reported, and no patches are currently linked, which suggests the vulnerability is newly disclosed. The vulnerability was reserved in May 2024 and published in July 2024. Given iSCSI's role in enterprise storage, exploitation could disrupt critical storage access and lead to operational downtime.
Potential Impact
For European organizations, the primary impact is on system availability, particularly for those relying on Windows 10 Version 1809 systems with iSCSI services enabled. Enterprises using iSCSI for storage in data centers, cloud providers, and critical infrastructure sectors such as finance, healthcare, and manufacturing could experience service interruptions or outages if the vulnerability is exploited. The denial of service could lead to downtime, loss of productivity, and potential cascading failures in dependent systems. Since the vulnerability does not affect confidentiality or integrity, data breaches are less likely, but operational disruption can have significant business and reputational consequences. Organizations that have not upgraded from Windows 10 1809 or that maintain legacy systems are at higher risk. The lack of known exploits reduces the immediate threat, but it also means organizations should proactively prepare for potential future attacks.
Mitigation Recommendations
Organizations should prioritize patching Windows 10 Version 1809 systems once Microsoft releases an official update addressing CVE-2024-35270. Until patches are available, network-level mitigations should be implemented, including restricting access to the iSCSI service to trusted hosts only via firewall rules and network segmentation. Monitoring network traffic for unusual or malformed iSCSI packets can help detect attempted exploitation. Disabling the iSCSI service on systems where it is not required reduces the attack surface. Additionally, organizations should consider upgrading to supported Windows versions with ongoing security updates to avoid legacy vulnerabilities. Incident response plans should include procedures for detecting and mitigating denial of service conditions related to iSCSI. Regular backups and redundancy in storage infrastructure can minimize operational impact if service disruption occurs.
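The following PowerShell script is an added example (not from the advisory or from Microsoft) that audits the Windows iSCSI service on a host and applies the two network-level mitigations above: disabling the service where it is not needed, or limiting inbound iSCSI traffic to trusted hosts. It assumes the service name MSiSCSI (Microsoft iSCSI Initiator Service) and the standard iSCSI TCP port 3260; the trusted subnet is a placeholder.

```powershell
# Added example: audit MSiSCSI and apply the advisory's network-level mitigations.
# Assumptions (not from the advisory): service name MSiSCSI, iSCSI on TCP/3260.
# Run in an elevated PowerShell session on the host being hardened.
param(
    [string[]]$TrustedHosts = @('10.0.0.0/24'),  # placeholder: replace with your SAN subnet(s)
    [switch]$DisableService                      # use on hosts that do not need iSCSI
)

$svc = Get-Service -Name 'MSiSCSI' -ErrorAction SilentlyContinue
if (-not $svc) { Write-Output 'MSiSCSI service not present; nothing to harden.'; return }
Write-Output ("MSiSCSI status: {0}, startup type: {1}" -f $svc.Status, $svc.StartType)

if ($DisableService) {
    # Smallest attack surface: stop the service and keep it from starting again.
    Stop-Service -Name 'MSiSCSI' -Force
    Set-Service -Name 'MSiSCSI' -StartupType Disabled
    Write-Output 'MSiSCSI stopped and disabled.'
    return
}

# Show current TCP/3260 connections so exposure is visible before rules change.
Get-NetTCPConnection -LocalPort 3260 -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, RemoteAddress, State | Format-Table -AutoSize

# Windows Firewall evaluates Block rules before Allow rules, so "block all,
# allow some" does not work. Instead rely on the default inbound Block action
# and make sure every inbound Allow rule for 3260 is scoped to trusted hosts.
foreach ($p in Get-NetFirewallProfile | Where-Object { $_.DefaultInboundAction -ne 'Block' }) {
    Write-Warning ("Profile {0} allows inbound by default; setting it to Block." -f $p.Name)
    Set-NetFirewallProfile -Name $p.Name -DefaultInboundAction Block
}

$broad = Get-NetFirewallPortFilter -All |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.LocalPort -eq '3260' } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' -and $_.Enabled -eq 'True' }
foreach ($rule in $broad) {
    # Re-scope existing allow rules rather than leaving them open to any source.
    Write-Output ("Scoping inbound rule '{0}' to trusted hosts." -f $rule.DisplayName)
    $rule | Set-NetFirewallRule -RemoteAddress $TrustedHosts
}

if (-not (Get-NetFirewallRule -DisplayName 'iSCSI allow trusted hosts' -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName 'iSCSI allow trusted hosts' -Direction Inbound `
        -Protocol TCP -LocalPort 3260 -RemoteAddress $TrustedHosts -Action Allow -Profile Any | Out-Null
}
Write-Output ("Inbound TCP/3260 now limited to: {0}" -f ($TrustedHosts -join ', '))
```

Host firewall scoping complements, rather than replaces, the network segmentation the advisory recommends, since a compromised host inside the trusted subnet is still permitted through.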
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: microsoft
- Date Reserved: 2024-05-14T20:14:47.414Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d981dc4522896dcbdb5e5
Added to database: 5/21/2025, 9:08:45 AM
Last enriched: 10/14/2025, 10:24:59 PM
Last updated: 10/16/2025, 12:49:18 PM