April 2024 Patch Tuesday: 10 Critical Vulnerabilities Amid 152 CVEs

Published on Apr 9, 2024 • Last updated on Nov 15, 2024

Total vulnerabilities
152
Critical vulnerabilities
10
Exploited vulnerabilities
9

April 2024 Risk Analysis

Most impacted products
SQL Server
25%
Windows Secure Boot
16%
Windows Remote Access Connection Manager
6%
Role: DNS Server
5%
Microsoft Defender for IoT
4%
Attribution of Malware Families
Brute Ratel C4
20%
Cobalt Strike
20%
DarkMe
20%
DarkGate
20%
Hydra
20%
Attribution of Threat Actors
DarkCasino
100%

Critical Vulnerabilities

CVE-2024-29990

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVSS 9CWE-284

Exploit

A critical elevation of privilege vulnerability in Azure Kubernetes Service Confidential Container allows unauthenticated attackers to access untrusted AKS nodes and take control of confidential guests and containers, despite requiring complex exploitation preparations. The vulnerability enables attackers to move workloads to attacker-controlled machines with root access, potentially leading to credential theft and compromise of resources beyond the AKSCC security scope. Given the high impact on confidentiality, integrity, and availability, combined with the ability to breach containment boundaries, this vulnerability poses a significant risk to confidential computing environments even though it requires sophisticated attack preparation.

CVE-2024-21323

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVSS 8.8CWE-36

Exploit

A path traversal vulnerability in Microsoft Defender for IoT enables authenticated attackers to exploit the update package mechanism by sending malicious tar files, potentially leading to arbitrary file overwrite capabilities. The vulnerability requires low-privilege network access but no user interaction, and if successfully exploited, could result in complete compromise of system confidentiality, integrity, and availability through remote code execution. The critical nature of Defender for IoT in protecting operational technology environments makes this vulnerability particularly concerning for industrial and infrastructure security.

CVE-2024-26205

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS 8.8CWE-122

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) enables remote code execution when an unauthorized attacker tricks a user into connecting to a malicious server. The exploitation results in high-severity impacts across confidentiality, integrity, and availability of the affected system, potentially allowing complete compromise of the client machine despite requiring user interaction. Given the critical nature of RRAS in network infrastructure and the potential for complete system compromise with no privileges required, this vulnerability represents a significant risk to organizations using the affected service.

CVE-2024-29988

This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of Internet Shortcut (.URL) files. The issue results from the lack of a security check on chained Internet Shortcut files. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988</a> <br/></td>

CVSS 8.8CWE-693

Exploit

A Windows SmartScreen security feature bypass vulnerability exists in the handling of Internet Shortcut (.URL) files, allowing remote attackers to execute arbitrary code by exploiting insufficient security checks on chained Internet Shortcut files. While user interaction is required through opening a malicious file or visiting a compromised webpage, successful exploitation enables code execution in the context of the current user, potentially leading to complete system compromise with high impacts on confidentiality, integrity, and availability. The vulnerability is particularly concerning as it is being actively exploited in the wild by multiple threat actors and malware families, with proof-of-concept exploits publicly available.

CVE-2024-20678

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVSS 8.8CWE-843

A Remote Procedure Call (RPC) Runtime vulnerability allows authenticated attackers to execute remote code by sending specially crafted RPC calls to an RPC host, requiring only low-level privileges for exploitation. The type confusion flaw can lead to complete system compromise with the same permissions as the RPC service, potentially resulting in high-severity impacts to system confidentiality, integrity, and availability. Given the low attack complexity, network-based attack vector, and no required user interaction, this vulnerability presents a significant risk to organizations running affected RPC services.

CVE-2024-26200

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS 8.8CWE-122

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) enables remote code execution when an attacker sets up a malicious server and waits for a client connection. While the attack requires user interaction to initiate the connection, it can lead to complete system compromise with high impacts on confidentiality, integrity, and availability since the exploit requires no privileges and has low attack complexity.

CVE-2024-26234

Proxy Driver Spoofing Vulnerability

CVSS 6.7CWE-284

Exploit

A proxy driver spoofing vulnerability allows attackers with high privileges to execute arbitrary code by exploiting improper access controls in Windows systems. Successful exploitation enables complete system compromise, allowing attackers to install programs, modify or delete data, and create new user accounts with full privileges, making this a significant threat to system integrity and confidentiality. Given the vulnerability has been observed being exploited in the wild and affects core Windows functionality, immediate attention is warranted despite the requirement for high privileges to exploit.

CVE-2024-26179

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVSS 8.8CWE-122

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows an unauthenticated attacker to achieve remote code execution when a client connects to a malicious server. While the attack requires user interaction to initiate the connection, successful exploitation grants the attacker high-severity impacts across confidentiality, integrity, and availability of the affected system, making it a significant threat despite requiring user interaction.

CVE-2024-26214

Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability

CVSS 8.8CWE-122

A heap-based buffer overflow vulnerability in the Windows Data Access Components SQL Server ODBC Driver allows remote code execution when an authenticated user connects to a malicious SQL server through ODBC/OLEDB drivers. An attacker can achieve full system compromise with high impact on confidentiality, integrity, and availability by tricking users into connecting to a crafted malicious database server, executing arbitrary code in the context of the SQL client application. The severity of this vulnerability is heightened by its low attack complexity and the lack of required privileges, making it an attractive target for attackers seeking to gain unauthorized system access.

CVE-2024-26210

Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability

CVSS 8.8CWE-122

A remote code execution vulnerability in Microsoft's WDAC OLE DB Provider for SQL Server allows attackers to execute arbitrary code by tricking authenticated users into connecting to a malicious SQL server via OLEDB. The critical nature of this heap-based buffer overflow vulnerability is heightened by its low attack complexity and the fact that it can lead to complete system compromise, potentially giving attackers full control over affected systems with high impacts on confidentiality, integrity, and availability. Given the widespread use of Microsoft SQL Server in enterprise environments and the relatively simple exploitation path requiring only user interaction, this vulnerability represents a significant risk to organizational security.

All vulnerabilities

CVE ID
CVSS Score
ProductTrend
Exploit
CVE-2024-29993Azure CycleCloud Elevation of Privilege Vulnerability
CVSS 8.8

azure_cyclecloud

-
CVE-2024-29992Azure Identity Library for .NET Information Disclosure Vulnerability
CVSS 5.5

robotic_process_automation

-
CVE-2024-29991This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of .MHT files. The issue results from the lack of a security check on .MHT files located in shared folders. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29991">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29991</a> <br/></td>
CVSS 5

edge

-
CVE-2024-29990Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVSS 9

azure_kubernetes_service

Apr 15, 2024
CVE-2024-29989Azure Monitor Agent Elevation of Privilege Vulnerability
CVSS 8.4

azure_monitor_agent

-
CVE-2024-29988This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of Internet Shortcut (.URL) files. The issue results from the lack of a security check on chained Internet Shortcut files. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988</a> <br/></td>
CVSS 8.8

windows_10_1809

+6 more

Apr 9, 2024
CVE-2024-29987Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVSS 6.5

edge

-
CVE-2024-29986Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
CVSS 5.4

edge

-
CVE-2024-29985Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29984Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29983Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29982Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29981Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS 4.3

edge

-
CVE-2024-29066Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-29064Windows Hyper-V Denial of Service Vulnerability
CVSS 6.2--
CVE-2024-29063Azure AI Search Information Disclosure Vulnerability
CVSS 7.3--
CVE-2024-29062Secure Boot Security Feature Bypass Vulnerability
CVSS 7.1

windows_10_1507

+12 more

-
CVE-2024-29061Secure Boot Security Feature Bypass Vulnerability
CVSS 7.8

windows_10_1507

+12 more

-
CVE-2024-29056Windows Authentication Elevation of Privilege Vulnerability
CVSS 4.3

windows_server_2008

+5 more

-
CVE-2024-29055Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVSS 7.2

defender_for_iot

-
CVE-2024-29054Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVSS 7.2

defender_for_iot

-
CVE-2024-29053Microsoft Defender for IoT Remote Code Execution Vulnerability
CVSS 8.8

defender_for_iot

Apr 9, 2024
CVE-2024-29052Windows Storage Elevation of Privilege Vulnerability
CVSS 7.8

windows_10_21h2

+6 more

-
CVE-2024-29050Windows Cryptographic Services Remote Code Execution Vulnerability
CVSS 8.4

windows

-
CVE-2024-29049Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVSS 4.1

edge

-
CVE-2024-29048Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29047Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29046Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29045Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 7.5

ole_db_driver_for_sql_server

-
CVE-2024-29044Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-29043Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28945Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28944Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28943Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28942Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28941Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28940Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28939Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28938Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28937Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28936Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28935Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28934Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28933Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28932Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28931Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28930Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28929Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

odbc_driver_for_sql_server

-
CVE-2024-28927Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28926Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28925Secure Boot Security Feature Bypass Vulnerability
CVSS 8

windows

-
CVE-2024-28924Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7

windows

-
CVE-2024-28923Secure Boot Security Feature Bypass Vulnerability
CVSS 6.4--
CVE-2024-28922Secure Boot Security Feature Bypass Vulnerability
CVSS 4.1--
CVE-2024-28921Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7--
CVE-2024-28920Secure Boot Security Feature Bypass Vulnerability
CVSS 7.8--
CVE-2024-28919Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7--
CVE-2024-28917Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
CVSS 6.2

azure_arc-enabled_kubernetes

-
CVE-2024-28915Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28914Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28913Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28912Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28911Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28910Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28909Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28908Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28907Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-28906Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

ole_db_driver_for_sql_server

-
CVE-2024-28905Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-28904Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-28903Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7--
CVE-2024-28902Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-28901Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-28900Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-28898Secure Boot Security Feature Bypass Vulnerability
CVSS 6.3

windows

-
CVE-2024-28897Secure Boot Security Feature Bypass Vulnerability
CVSS 6.8--
CVE-2024-28896Secure Boot Security Feature Bypass Vulnerability
CVSS 7.5--
CVE-2024-26257Microsoft Excel Remote Code Execution Vulnerability
CVSS 7.8

excel

-
CVE-2024-26256libarchive Remote Code Execution Vulnerability
CVSS 7.8

libarchive

-
CVE-2024-26255Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-26254Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
CVSS 7.5--
CVE-2024-26253Windows rndismp6.sys Remote Code Execution Vulnerability
CVSS 6.8

windows

-
CVE-2024-26252Windows rndismp6.sys Remote Code Execution Vulnerability
CVSS 6.8

windows

-
CVE-2024-26251Microsoft SharePoint Server Spoofing Vulnerability
CVSS 6.8

sharepoint_server

-
CVE-2024-26250Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7--
CVE-2024-26248Windows Kerberos Elevation of Privilege Vulnerability
CVSS 7.5--
CVE-2024-26245Windows SMB Elevation of Privilege Vulnerability
CVSS 7.8

windows

-
CVE-2024-26244Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

windows_data_access_components

-
CVE-2024-26243Windows USB Print Driver Elevation of Privilege Vulnerability
CVSS 7

Windows

-
CVE-2024-26242Windows Telephony Server Elevation of Privilege Vulnerability
CVSS 7--
CVE-2024-26241Win32k Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-26240Secure Boot Security Feature Bypass Vulnerability
CVSS 8--
CVE-2024-26239Windows Telephony Server Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-26237Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVSS 7.8

windows

-
CVE-2024-26236Windows Update Stack Elevation of Privilege Vulnerability
CVSS 7

windows

-
CVE-2024-26235Windows Update Stack Elevation of Privilege Vulnerability
CVSS 7.8

windows

-
CVE-2024-26234Proxy Driver Spoofing Vulnerability
CVSS 6.7

windows

Apr 9, 2024
CVE-2024-26233Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26232Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVSS 7.3

message_queuing

-
CVE-2024-26231Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26230Windows Telephony Server Elevation of Privilege Vulnerability
CVSS 7.8-Apr 13, 2024
CVE-2024-26229Windows CSC Service Elevation of Privilege Vulnerability
CVSS 7.8

windows

Jun 11, 2024
CVE-2024-26228Windows Cryptographic Services Security Feature Bypass Vulnerability
CVSS 7.8--
CVE-2024-26227Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26226Windows Distributed File System (DFS) Information Disclosure Vulnerability
CVSS 6.5--
CVE-2024-26224Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26223Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26222Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26221Windows DNS Server Remote Code Execution Vulnerability
CVSS 7.2--
CVE-2024-26220Windows Mobile Hotspot Information Disclosure Vulnerability
CVSS 5

windows_mobile

-
CVE-2024-26219HTTP.sys Denial of Service Vulnerability
CVSS 7.5--
CVE-2024-26218Windows Kernel Elevation of Privilege Vulnerability
CVSS 7.8-Apr 26, 2024
CVE-2024-26217Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-26216Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVSS 7.3

windows

-
CVE-2024-26215DHCP Server Service Denial of Service Vulnerability
CVSS 7.5

dhcp

-
CVE-2024-26214Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
CVSS 8.8

windows_data_access_components

-
CVE-2024-26213Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS 7--
CVE-2024-26212DHCP Server Service Denial of Service Vulnerability
CVSS 7.5

dhcp

-
CVE-2024-26211Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-26210Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVSS 8.8

windows_data_access_components

-
CVE-2024-26209Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-26208Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVSS 7.2

message_queuing

-
CVE-2024-26207Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-26205Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS 8.8--
CVE-2024-26202DHCP Server Service Remote Code Execution Vulnerability
CVSS 7.2

dhcp

-
CVE-2024-26200Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS 8.8--
CVE-2024-26195DHCP Server Service Remote Code Execution Vulnerability
CVSS 7.2

dhcp

-
CVE-2024-26194Secure Boot Security Feature Bypass Vulnerability
CVSS 7.4--
CVE-2024-26193Azure Migrate Remote Code Execution Vulnerability
CVSS 6.4--
CVE-2024-26189Secure Boot Security Feature Bypass Vulnerability
CVSS 8--
CVE-2024-26183Windows Kerberos Denial of Service Vulnerability
CVSS 6.5

windows

-
CVE-2024-26180Secure Boot Security Feature Bypass Vulnerability
CVSS 8

windows

-
CVE-2024-26179Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS 8.8--
CVE-2024-26175Secure Boot Security Feature Bypass Vulnerability
CVSS 7.8--
CVE-2024-26172Windows DWM Core Library Information Disclosure Vulnerability
CVSS 5.5--
CVE-2024-26171Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7--
CVE-2024-26168Secure Boot Security Feature Bypass Vulnerability
CVSS 6.8--
CVE-2024-26158This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the service to write arbitrary registry values. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158</a> <br/></td>
CVSS 7.8--
CVE-2024-21447Windows Authentication Elevation of Privilege Vulnerability
CVSS 7.8--
CVE-2024-21424Azure Compute Gallery Elevation of Privilege Vulnerability
CVSS 6.5--
CVE-2024-21409Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 ,and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A use-after-free vulnerability exists in WPF which may result in Elevation of Privilege when viewing untrusted documents. This is a Windows only vulnerability.
CVSS 7.3

net

-
CVE-2024-21324Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVSS 7.2

defender_for_iot

-
CVE-2024-21323Microsoft Defender for IoT Remote Code Execution Vulnerability
CVSS 8.8

defender_for_iot

Apr 11, 2024
CVE-2024-21322Microsoft Defender for IoT Remote Code Execution Vulnerability
CVSS 7.2

defender_for_iot

Apr 11, 2024
CVE-2024-20693Windows Kernel Elevation of Privilege Vulnerability
CVSS 7.8

services

+1 more

-
CVE-2024-20689Secure Boot Security Feature Bypass Vulnerability
CVSS 7.1

windows_server_2012

-
CVE-2024-20688Secure Boot Security Feature Bypass Vulnerability
CVSS 7.1

windows_server_2012

-
CVE-2024-20685This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure Private 5G Core. Authentication is not required to exploit this vulnerability.<br/>The specific flaw exists within the handling of InitialUEMessage messages. The issue results from improper length validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the 5G network.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685</a> <br/></td>
CVSS 5.9

udp

-
CVE-2024-20678Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVSS 8.8--
CVE-2024-20670Outlook for Windows Spoofing Vulnerability
CVSS 8.1--
CVE-2024-20669Secure Boot Security Feature Bypass Vulnerability
CVSS 6.7--
CVE-2024-20665BitLocker Security Feature Bypass Vulnerability
CVSS 6.1

bitlocker

-