CVE-2024-30104

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Jun 11, 2024

CVSS 7.8 (High) | EPSS 0.05%

Summary

A remote code execution vulnerability exists in Microsoft Office products. An attacker could craft a malicious file that, when opened by an unsuspecting user, would allow the attacker to execute arbitrary code on the victim's system with the same privileges as the user. This vulnerability is associated with CWE-59: Improper Link Resolution Before File Access ('Link Following').

Impact

This vulnerability is severe, with a CVSS base score of 7.8 (High). If exploited, it allows an attacker to fully compromise a victim's system by running malicious code. Potential impacts include data theft, malware installation, file encryption for ransomware, and taking control of the system. Confidentiality, integrity, and availability are each rated High in the CVSS vector.

Exploitation

There is no evidence that a public proof-of-concept exists, and there is no evidence of exploitation in the wild at the moment.

Patch

Microsoft has released security updates to address this vulnerability. Patches are available and should be applied as soon as possible. All versions of Microsoft Office (including 2016, 2019, 2021), Office 365 apps, and Office Long Term Servicing Channel are affected and should be updated.

Mitigation

1. Apply the latest security updates from Microsoft as soon as possible for all affected products.
2. Use caution when opening files from untrusted sources.
3. Restrict file access permissions to minimize potential damage.
4. Enable and configure security tools to detect and block exploitation attempts.
5. Implement the principle of least privilege for user accounts.
6. Consider implementing application whitelisting to prevent unauthorized code execution.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Timeline

Jun 27, 2024 at 2:28 AM (Trending): This CVE stopped trending in security discussions.

Nov 19, 2024 at 6:32 PM (EPSS): EPSS score was set to 0.05% (Percentile: 20.9%).

Affected Systems

Microsoft/office_long_term_servicing_channel

Patches

Microsoft

Links to MITRE ATT&CK

T1547.009: Shortcut Modification

Attack Patterns

CAPEC-132: Symlink Attack
