Published on Jun 11, 2024 • Last updated on Nov 15, 2024
Windows Kernel Elevation of Privilege Vulnerability
A Windows Kernel vulnerability allows local attackers with low privileges to exploit an integer overflow condition, enabling escape from AppContainer isolation and privilege escalation without user interaction. Upon successful exploitation, an attacker could gain unauthorized system resource access and execute arbitrary code with elevated privileges, potentially leading to complete system compromise and unauthorized network actions. The vulnerability's ability to change scope from a contained environment makes it particularly dangerous as it bypasses critical security boundaries designed to limit process privileges.
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
A double free vulnerability in Microsoft's Speech Application Programming Interface (SAPI) allows unauthenticated network attackers to achieve remote code execution when a user clicks a malicious link. The flaw enables attackers to execute arbitrary code with the current user's privileges, potentially leading to complete system compromise with the ability to view, modify, or delete data and create accounts with full user rights. This critical weakness affects multiple Windows versions and requires immediate attention due to its high impact on system integrity, confidentiality, and availability.
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
A remote code execution vulnerability in Microsoft Dynamics 365 Business Central enables authenticated attackers to execute arbitrary code through untrusted data deserialization without requiring user interaction or elevated privileges. The vulnerability can be exploited over the network with low attack complexity, potentially allowing attackers to gain full control of affected systems with the ability to view, modify, or delete data, install malicious programs, and create new accounts with full user rights. Given the high impact on confidentiality, integrity, and availability, combined with the relatively low barrier to exploitation, this vulnerability represents a significant risk to business operations.
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
A critical vulnerability in Linux/Ubuntu Data Science Virtual Machines (DSVM) allows unauthenticated attackers to intercept user credentials through specially crafted network requests, despite requiring complex environmental reconnaissance for successful exploitation. The flaw enables attackers to fully impersonate compromised users and execute any operations within their permission scope, potentially leading to unauthorized data access, system manipulation, and privilege escalation. Given the high impact across confidentiality, integrity, and availability combined with the absence of required user interaction, this vulnerability poses a significant risk to DSVM deployments, particularly in environments where network access cannot be adequately restricted.
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
A critical remote code execution vulnerability in Microsoft Message Queuing (MSMQ) allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges by sending specially crafted MSMQ packets over HTTP to affected servers. The flaw, which has been identified as a Use-After-Free vulnerability, poses a severe risk as it requires no user interaction and could enable attackers to gain complete control of the target system, including the ability to install programs, modify data, and create privileged accounts. This vulnerability is particularly concerning because MSMQ HTTP-Support is a commonly deployed Windows component in enterprise environments, making it an attractive target for threat actors seeking to compromise network infrastructure.
An authenticated attacker can exploit an Untrusted Search Path vulnerability in Microsoft Dataverse to execute code over a network.
A high-severity untrusted search path vulnerability in Microsoft Dataverse allows authenticated attackers to execute arbitrary code remotely over a network, requiring no user interaction but high privileges. The vulnerability's changed scope means it can impact resources beyond the vulnerable component, potentially compromising confidentiality, integrity, and availability of systems across different parts of the network. While Microsoft has already fully mitigated this issue through a server-side fix with no action required from users, the severity of potential exploitation warrants attention due to the possibility of unauthorized access to sensitive information and system-wide disruption.
Microsoft Outlook Remote Code Execution Vulnerability
A remote code execution vulnerability in Microsoft Outlook enables authenticated attackers to bypass registry block lists and create malicious DLL files without requiring user interaction, exploitable through both direct access and preview pane vectors. The vulnerability allows attackers to execute arbitrary code with logged-on user privileges, potentially leading to system compromise, data theft, and lateral movement within the network. Given the low attack complexity, network-based attack vector, and high impact on system confidentiality, integrity, and availability, this represents a significant threat to organizational security.
Windows Kernel Elevation of Privilege Vulnerability
A Windows kernel privilege escalation vulnerability allows local attackers to execute arbitrary code by running a specially crafted application from within an AppContainer environment, enabling elevation from low privileges to SYSTEM level access. The vulnerability's changed scope characteristic means attackers can break out of the AppContainer isolation, while the ability to achieve kernel-mode code execution represents a critical security boundary failure that could lead to complete system compromise, data theft, and malware persistence.
Windows Wi-Fi Driver Remote Code Execution Vulnerability
Exploit
A critical remote code execution vulnerability in the Windows Wi-Fi Driver allows an unauthenticated attacker within radio proximity to execute arbitrary code with SYSTEM privileges by sending specially crafted network packets to a target system's Wi-Fi adapter. The adjacency requirement provides some natural mitigation, but the lack of required user interaction and low attack complexity, combined with the potential for complete system compromise, makes this vulnerability particularly dangerous for environments where attackers could gain physical proximity to target systems.
CVE ID | CVSS Score | Product | Trend | Exploit |
---|---|---|---|---|
CVE-2024-38093Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 4.3 | edge | - | |
CVE-2024-38083Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 4.3 | edge | - | |
CVE-2024-38082Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 4.7 | edge | - | |
CVE-2024-37325Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability | CVSS 8.1 | azure_data_science_virtual_machine | - | |
CVE-2024-35265Windows Perception Service Elevation of Privilege Vulnerability | CVSS 7 | windows_10_1809 | - | |
CVE-2024-35263Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | CVSS 5.7 | dynamics_365 | - | |
CVE-2024-35260An authenticated attacker can exploit an Untrusted Search Path vulnerability in Microsoft Dataverse to execute code over a network.
| CVSS 8 | - | - | |
CVE-2024-35255Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | CVSS 5.5 | Microsoft Authentication Library | - | |
CVE-2024-35254Azure Monitor Agent Elevation of Privilege Vulnerability | CVSS 7.1 | azure_monitor_agent | - | |
CVE-2024-35253Microsoft Azure File Sync Elevation of Privilege Vulnerability | CVSS 4.4 | azure_file_sync | - | |
CVE-2024-35252Azure Storage Movement Client Library Denial of Service Vulnerability | CVSS 7.5 | azure_storage_data_movement_library | - | |
CVE-2024-35250This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the UnserializePropertySet function. The issue results from improper handling of privilege context transitions. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250</a> <br/></td> | CVSS 7.8 | windows | - | |
CVE-2024-35249Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability | CVSS 8.8 | dynamics_365_business_central | - | |
CVE-2024-35248Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | CVSS 7.3 | dynamics_365_business_central | - | |
CVE-2024-30104Microsoft Office Remote Code Execution Vulnerability | CVSS 7.8 | 365_apps | - | |
CVE-2024-30103Microsoft Outlook Remote Code Execution Vulnerability | CVSS 8.8 | 365_apps | - | |
CVE-2024-30102Microsoft Office Remote Code Execution Vulnerability | CVSS 7.3 | 365_apps | - | |
CVE-2024-30101Microsoft Office Remote Code Execution Vulnerability | CVSS 7.5 | 365_apps | - | |
CVE-2024-30100Microsoft SharePoint Server Remote Code Execution Vulnerability | CVSS 7.8 | sharepoint_server | - | |
CVE-2024-30099Windows Kernel Elevation of Privilege Vulnerability | CVSS 7 | windows | - | |
CVE-2024-30097Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | CVSS 8.8 | remote | - | |
CVE-2024-30096Windows Cryptographic Services Information Disclosure Vulnerability | CVSS 5.5 | Windows | - | |
CVE-2024-30095Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-30094Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-30093Windows Storage Elevation of Privilege Vulnerability | CVSS 7.3 | windows_10_1507 | - | |
CVE-2024-30091Win32k Elevation of Privilege Vulnerability | CVSS 7.8 | Windows | - | |
CVE-2024-30090Microsoft Streaming Service Elevation of Privilege Vulnerability | CVSS 7 | windows_10_1507 | Oct 17, 2024 | |
CVE-2024-30089This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the Microsoft Kernel Streaming Server driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. <br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30089">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30089</a> <br/></td> | CVSS 7.8 | windows_10_1809 | - | |
CVE-2024-30088This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the implementation of NtQueryInformationToken. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30088">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30088</a> <br/></td> | CVSS 7 | windows | Jun 26, 2024 | |
CVE-2024-30087This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the win32kfull driver. The issue results from the lack of proper input validation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087</a> <br/></td> | CVSS 7.8 | Windows | - | |
CVE-2024-30086This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within DirectComposition. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086</a> <br/></td> | CVSS 7.8 | Windows | - | |
CVE-2024-30085This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the cldflt kernel driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30085">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30085</a> <br/></td> | CVSS 7.8 | windows | - | |
CVE-2024-30084This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the UnserializePropertySet function in the ks.sys driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084</a> <br/></td> | CVSS 7 | windows | - | |
CVE-2024-30083Windows Standards-Based Storage Management Service Denial of Service Vulnerability | CVSS 7.5 | Windows | - | |
CVE-2024-30082This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30082">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30082</a> <br/></td> | CVSS 7.8 | Windows | - | |
CVE-2024-30080Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVSS 9.8 | message_queuing | - | |
CVE-2024-30078Windows Wi-Fi Driver Remote Code Execution Vulnerability | CVSS 8.8 | windows_10_1507 | Jun 17, 2024 | |
CVE-2024-30077Windows OLE Remote Code Execution Vulnerability | CVSS 8 | windows | - | |
CVE-2024-30076Windows Container Manager Service Elevation of Privilege Vulnerability | CVSS 6.8 | windows | - | |
CVE-2024-30075Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | CVSS 8 | Windows | - | |
CVE-2024-30074Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | CVSS 8 | Windows | - | |
CVE-2024-30072Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | CVSS 7.8 | remote | - | |
CVE-2024-30070DHCP Server Service Denial of Service Vulnerability | CVSS 7.5 | dhcp | - | |
CVE-2024-30069Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 4.7 | Windows | - | |
CVE-2024-30068Windows Kernel Elevation of Privilege Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-30067Winlogon Elevation of Privilege Vulnerability | CVSS 5.5 | windows_10_1507 | - | |
CVE-2024-30066Winlogon Elevation of Privilege Vulnerability | CVSS 5.5 | windows_10_1507 | - | |
CVE-2024-30065Windows Themes Denial of Service Vulnerability | CVSS 5.5 | windows | - | |
CVE-2024-30064Windows Kernel Elevation of Privilege Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-30063Windows Distributed File System (DFS) Remote Code Execution Vulnerability | CVSS 6.7 | windows | - | |
CVE-2024-30062Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | CVSS 7.8 | Windows | - | |
CVE-2024-30058Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 5.4 | edge | - | |
CVE-2024-30057Microsoft Edge for iOS Spoofing Vulnerability | CVSS 5.4 | edge | - | |
CVE-2024-30052Visual Studio Remote Code Execution Vulnerability | CVSS 4.7 | visual_studio | Oct 4, 2024 | |
CVE-2024-29060Visual Studio Elevation of Privilege Vulnerability | CVSS 6.7 | visual_studio | - |