CVE-2024-38259
Use After Free (CWE-416)
Published: Sep 10, 2024
010
CVSS 8.8EPSS 0.09%High
CVE info copied to clipboard
Summary
Microsoft Management Console Remote Code Execution Vulnerability. This is a network-based vulnerability with low attack complexity that requires user interaction. It does not require privileges to exploit and can result in high impacts on confidentiality, integrity, and availability. The vulnerability is associated with a Use After Free (CWE-416) weakness.
Impact
If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code remotely on the affected system. The impact is severe, with potential for high compromise of system confidentiality, integrity, and availability. This means an attacker could potentially gain full control of the affected system, access or modify sensitive data, or disrupt system operations. The vulnerability has a CVSS v3.1 base score of 8.8, indicating a high severity level.
Exploitation
There is no evidence that a public proof-of-concept exists. Its exploitation has been reported by various sources, including ontinue.com.
Patch
A patch is available. Microsoft has released an official fix for this vulnerability on September 10, 2024. The patch addresses the vulnerability in multiple versions of Windows, including Windows Server 2022, Windows 11 (various versions), and Windows Server 2022 23H2. Specific version numbers that need updating include: - Windows Server 2022 23H2: versions before 10.0.25398.1128 - Windows 11 22H2: versions before 10.0.22621.4169 - Windows 11 24H2: versions before 10.0.26100.1742 - Windows Server 2022: versions before 10.0.20348.2700 - Windows 11 21H2: versions before 10.0.22000.3197 - Windows 11 23H2: versions before 10.0.22631.4169
Mitigation
1. Apply the official patch released by Microsoft as soon as possible to all affected systems. 2. Implement network segmentation and access controls to limit exposure of vulnerable systems. 3. Educate users about the risks of interacting with untrusted network sources, as the vulnerability requires user interaction. 4. Monitor for suspicious activities related to Microsoft Management Console. 5. Keep all Microsoft software and systems up-to-date with the latest security updates. 6. If patching is not immediately possible, consider restricting access to the Microsoft Management Console on affected systems until the patch can be applied.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Timeline
Detection in Vulnerability Scanners
Detection for the vulnerability has been added to Qualys (92169)
Sep 10, 2024 at 7:53 AM
CVSS
A CVSS base score of 8.8 has been assigned.
Sep 10, 2024 at 4:55 PM / microsoft
First Article
Feedly found the first article mentioning CVE-2024-38259. See article
Sep 10, 2024 at 5:08 PM / Vulners.com RSS Feed
CVE Assignment
NVD published the first details for CVE-2024-38259
Sep 10, 2024 at 5:15 PM
CVSS Estimate
Feedly estimated the CVSS score as HIGH
Sep 10, 2024 at 5:39 PM
Detection in Vulnerability Scanners
Detection for the vulnerability has been added to Nessus (206907)
Sep 10, 2024 at 11:16 PM
EPSS
EPSS Score was set to: 0.09% (Percentile: 39.7%)
Sep 11, 2024 at 10:12 AM
Threat Intelligence Report
CVE-2024-43572 is a critical RCE vulnerability in Microsoft Management Console (MMC) with a CVSSv3 score of 7.8, which has been exploited in the wild as a zero-day. Attackers can exploit this vulnerability through social engineering tactics to execute arbitrary code by convincing targets to open a specially crafted file. This vulnerability follows CVE-2024-38259, which was also addressed by Microsoft in its September 2024 Patch Tuesday release, indicating ongoing security concerns within the MMC. See article
Oct 8, 2024 at 6:13 PM
Exploitation in the Wild
Attacks in the wild have been reported by Resource Center | Ontinue. See article
Oct 9, 2024 at 3:21 PM / Resource Center | Ontinue
Affected Systems
Microsoft/windows_server_2022_23h2
+null more
Patches
Microsoft
+null more
References
September 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
Windows TCP/IP CVE-2024-21416 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-26186 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-26191 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Security Zone Mapping CVE-2024-30073 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37335 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37337 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37338 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37339 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37340 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37341 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37342 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37965 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37966 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37980 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Installer CVE-2024-38014 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Detected Yes No No Microsoft Office SharePoint CVE-2024-38018 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows TCP/IP CVE-2024-38045 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows PowerShell CVE-2024-38046 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Network Address Translation (NAT) CVE-2024-38119 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure Network Watcher CVE-2024-38188 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure Web Apps CVE-2024-38194 8.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure Stack CVE-2024-38216 8.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mark of the Web (MOTW) CVE-2024-38217 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:F/RL:O/RC:C Exploitation Detected Yes No No Azure Stack CVE-2024-38220 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Dynamics Business Central CVE-2024-38225 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office Publisher CVE-2024-38226 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Detected Yes No No Microsoft Office SharePoint CVE-2024-38227 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Office SharePoint CVE-2024-38228 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Standards-Based Storage Management Service CVE-2024-38230 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Remote Desktop Licensing Service CVE-2024-38231 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Network Virtualization CVE-2024-38232 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Network Virtualization CVE-2024-38233 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Network Virtualization CVE-2024-38234 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Role: Windows Hyper-V CVE-2024-38235 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows DHCP Server CVE-2024-38236 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Microsoft Streaming Service CVE-2024-38237 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Streaming Service CVE-2024-38238 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Kerberos CVE-2024-38239 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Access Connection Manager CVE-2024-38240 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Streaming Service CVE-2024-38241 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Streaming Service CVE-2024-38242 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Streaming Service CVE-2024-38243 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Streaming Service CVE-2024-38244 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Streaming Service CVE-2024-38245 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Win32K - GRFX CVE-2024-38246 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Graphics Component CVE-2024-38247 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Storage CVE-2024-38248 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Graphics Component CVE-2024-38249 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Graphics Component CVE-2024-38250 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Win32K - ICOMP CVE-2024-38252 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Win32K - ICOMP CVE-2024-38253 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Authentication Methods CVE-2024-38254 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel-Mode Drivers CVE-2024-38256 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows AllJoyn API CVE-2024-38257 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38258 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Management Console CVE-2024-38259 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38260 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38263 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-43454 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-43455 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Setup and Deployment CVE-2024-43457 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Network Virtualization CVE-2024-43458 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows MSHTML Platform CVE-2024-43461 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Office Visio CVE-2024-43463 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office SharePoint CVE-2024-43464 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Office Excel CVE-2024-43465 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office SharePoint CVE-2024-43466 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Remote Desktop Licensing Service CVE-2024-43467 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure CycleCloud CVE-2024-43469 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure Network Watcher CVE-2024-43470 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-43474 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Admin Center CVE-2024-43475 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Dynamics 365 (on-premises) CVE-2024-43476 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Power Automate CVE-2024-43479 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Outlook for iOS CVE-2024-43482 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Mark of the Web (MOTW) CVE-2024-43487 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:F/RL:O/RC:C Exploitation More Likely Yes No No Windows Update CVE-2024-43491 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Detected Yes No No Microsoft AutoUpdate (MAU) CVE-2024-43492 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Libarchive CVE-2024-43495 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No
Microsoft's October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573)
CVE-2024-43572 | Microsoft Management Console Remote Code Execution Vulnerability Microsoft addresses 117 CVEs with three rated as critical and four zero-day vulnerabilities, two of which were exploited in the wild.
Microsoft’s October 2024 Patch Tuesday Addresses 117 CVEs (CVE-2024-43572, CVE-2024-43573)
Microsoft addresses 117 CVEs with three rated as critical and four zero-day vulnerabilities, two of which were exploited in the wild. CVE-2024-43572 | Microsoft Management Console Remote Code Execution Vulnerability
News
CVE-2024-38259 Microsoft Management Console Remote Code Execution Vulnerability
Vulnerability Summary for the Week of September 9, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info Siemens–Industrial Edge Management Pro A vulnerability has been identified in Industrial Edge Management Pro (All versions 2024-09-10 10 CVE-2024-45032 productcert@siemens.com SAML-Toolkits–ruby-saml The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in 2024-09-10 10 CVE-2024-45409 security-advisories@github.com security-advisories@github.com security-advisories@github.com security-advisories@github.com Baxter–Connex Health Portal In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal’s database. An attacker could have submitted a crafted payload to Connex portal that could have resulted in modification and disclosure of database content and/or perform administrative operations including shutting down the database. 2024-09-09 10 CVE-2024-6795 productsecurity@baxter.com nik00726–video carousel slider with lightbox The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. 2024-09-11 9.1 CVE-2019-25212 security@wordfence.com security@wordfence.com security@wordfence.com n/a–n/a Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function. 2024-09-10 9.8 CVE-2023-37226 cve@mitre.org cve@mitre.org cve@mitre.org n/a–n/a Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data. 2024-09-10 9.8 CVE-2023-37227 cve@mitre.org cve@mitre.org cve@mitre.org n/a–n/a Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password. 2024-09-10 9.8 CVE-2023-37231 cve@mitre.org cve@mitre.org cve@mitre.org Simple Online Planning–SO Planning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be available for execution for a few milliseconds before it is removed, leading to execution of code on the underlying system.
'Spoofing bug' plagues Windows - iTWire
While we don’t have any specific details about the in-the-wild exploitation of CVE-2024-43572, this patch arrived a few months after researchers disclosed an attack technique called GrimResource that leveraged an old cross-site scripting (XSS) vulnerability combined with a specially crafted Microsoft Saved Console (MSC) file to gain code execution privileges. staff research engineer, Tenable: This month, Microsoft patched two zero-day vulnerabilities that were exploited in the wild.
‘Spoofing bug’ plagues Windows
While we don’t have any specific details about the in-the-wild exploitation of CVE-2024-43572, this patch arrived a few months after researchers disclosed an attack technique called GrimResource that leveraged an old cross-site scripting (XSS) vulnerability combined with a specially crafted Microsoft Saved Console (MSC) file to gain code execution privileges. staff research engineer, Tenable: This month, Microsoft patched two zero-day vulnerabilities that were exploited in the wild.
‘Spoofing bug’ plagues Windows
While we don’t have any specific details about the in-the-wild exploitation of CVE-2024-43572, this patch arrived a few months after researchers disclosed an attack technique called GrimResource that leveraged an old cross-site scripting (XSS) vulnerability combined with a specially crafted Microsoft Saved Console (MSC) file to gain code execution privileges. staff research engineer, Tenable: This month, Microsoft patched two zero-day vulnerabilities that were exploited in the wild.
See 68 more articles and social media posts