homepage
Open menu
Contact Sales

@RISK

The Consensus Security Vulnerability Alert

April 11, 2024  |  Vol. 24, Num. 15

Internet Storm Center SpotlightInternet Storm Center EntriesRecent CVEs

Internet Storm Center Spotlight

INTERNET STORM CENTER SPOTLIGHT

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

April 2024 Microsoft Patch Tuesday Summary

Published: 2024-04-09

Last Updated: 2024-04-09 19:31:25 UTC

by Johannes Ullrich (Version: 1)

This update covers a total of 157 vulnerabilities. Seven of these vulnerabilities are Chromium vulnerabilities affecting Microsoft's Edge browser. However, only three of these vulnerabilities are considered critical. One of the vulnerabilities had already been disclosed and exploited.

Vulnerabilities of Interest:

CVE-2024-26234: This proxy driver spoofing vulnerability has already been exploited and made public before today.

CVE-2024-21322, CVE-2024-21323, CVE-2024-29053: These critical vulnerabilities allow remote code execution in Microsoft Defender for IoT.

The update patches about 40 (sorry, lost exact count) remote code execution vulnerabilities in Microsoft OLE Driver for SQL Server. These vulnerabilities are rated only "important", not "critical". The vulnerability affects clients connecting to malicious SQL servers. The client would be the target, not the server.

The seven important remote code execution vulnerabilities in the DNS Server Service look interesting. To achieve remote code execution, "perfect timing" is required according to Microsoft.

Read the full entry:

https://isc.sans.edu/diary/April+2024+Microsoft+Patch+Tuesday+Summary/30822/

Slicing up DoNex with Binary Ninja

Published: 2024-04-04

Last Updated: 2024-04-04 17:53:02 UTC

by John Moutos (Version: 1)

[This is a guest diary by John Moutos]

Intro

Ever since the LockBit source code leak back in mid-June 2022, it is not surprising that newer ransomware groups have chosen to adopt a large amount of the LockBit code base into their own, given the success and efficiency that LockBit is notorious for. One of the more clear-cut spinoffs from LockBit, is Darkrace, a ransomware group that popped up mid-June 2023, with samples that closely resembled binaries from the leaked LockBit builder, and followed a similar deployment routine. Unfortunately, Darkrace dropped off the radar after the administrators behind the LockBit clone decided to shut down their leak site.

It is unsurprising that, 8 months after the appearance and subsequent disappearance of the Darkrace group, a new group who call themselves DoNex, have appeared in their place, utilizing samples that closely resemble those previously used by the Darkrace group, and LockBit by proxy.

Analysis

Dropping the DoNex sample in "Detect It Easy" (DIE), we can see the binary does not appear to be packed, is 32-bit, and compiled with Microsoft's Visual C/C++ compiler.

https://isc.sans.edu/diary/Slicing+up+DoNex+with+Binary+Ninja/30812/

Internet Storm Center Entries

A Use Case for Adding Threat Hunting to Your Security Operations Team. Detecting Adversaries Abusing Legitimate Tools in A Customer Environment. [Guest Diary] (2024.04.07)

https://isc.sans.edu/diary/A+Use+Case+for+Adding+Threat+Hunting+to+Your+Security+Operations+Team+Detecting+Adversaries+Abusing+Legitimate+Tools+in+A+Customer+Environment+Guest+Diary/30816/

Some things you can learn from SSH traffic (2024.04.03)

https://isc.sans.edu/diary/Some+things+you+can+learn+from+SSH+traffic/30808/

Recent CVEs

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

CVE-2024-2389 - Flowmon is vulnerable to an operating system command injection flaw, allowing unauthenticated users to execute arbitrary commands via the management interface.

Product: Flowmon Networks Flowmon

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2389

ISC Podcast: https://isc.sans.edu/podcastdetail/8922

NVD References:

- https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability

- https://www.flowmon.com

CVE-2024-21894 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a heap overflow flaw that can be exploited by an unauthenticated attacker to crash the service and potential execute arbitrary code.

Product: Ivanti Connect Secure

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21894

ISC Podcast: https://isc.sans.edu/podcastdetail/8924

NVD References: https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

CVE-2024-22052 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a null pointer dereference flaw which can be exploited by an unauthenticated attacker to conduct a DoS attack.

Product: Ivanti Connect Secure

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22052

ISC Podcast: https://isc.sans.edu/podcastdetail/8924

NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

CVE-2024-22053 - Ivanti Connect Secure and Ivanti Policy Secure are susceptible to a heap overflow vulnerability allowing an unauthenticated attacker to crash the service or potentially read memory contents.

Product: Ivanti Connect Secure

CVSS Score: 8.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22053

ISC Podcast: https://isc.sans.edu/podcastdetail/8924

NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

CVE-2024-29990 - Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

Product: Microsoft Azure Kubernetes Service

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29990

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990

CVE-2024-29748 - Product X has a logic error that could allow for local privilege escalation without the need for additional execution privileges, but requires user interaction for exploitation.

Product: Google Android

CVSS Score: 7.8

** KEV since 2024-04-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29748

NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01

CVE-2024-21322, CVE-2024-21323, CVE-2024-29053 - Microsoft Defender for IoT Remote Code Execution Vulnerabilities

Product: Microsoft Defender for IoT

CVSS Scores: 7.2-8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21322

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21323

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29053

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29053

CVE-2024-29745 - The vulnerable product has uninitialized data that may lead to local information disclosure without requiring user interaction.

Product: Google Android

CVSS Score: 5.5

** KEV since 2024-04-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29745

NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01

CVE-2024-26234 - Proxy Driver Spoofing Vulnerability

Product: Microsoft Windows Server

CVSS Score: 6.7

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26234

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234

CVE-2024-30620, CVE-2024-30621 - Tenda AX1803 v1.0.0.1 contains a stack overflow vulnerabilities

Product: Tenda Ax1803

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30620

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30621

NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md

NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.md

CVE-2024-25918 - InstaWP Connect allows code injection through unrestricted upload of dangerous file types, affecting versions from n/a through 0.1.0.8.

Product: InstaWP Team InstaWP Connect

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25918

NVD References: https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-remote-code-execution-vulnerability?_s_id=cve

CVE-2024-27951 - Multiple Page Generator Plugin - MPG allows unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server.

Product: Themeisle Multiple Page Generator Plugin

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27951

NVD References: https://patchstack.com/database/vulnerability/multiple-pages-generator-by-porthas/wordpress-multiple-page-generator-plugin-3-4-0-remote-code-execution-rce-vulnerability?_s_id=cve

CVE-2024-27972 - WP Fusion Lite is vulnerable to Command Injection due to Improper Neutralization of Special Elements in versions n/a through 3.41.24.

Product: Very Good Plugins WP Fusion Lite

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27972

NVD References: https://patchstack.com/database/vulnerability/wp-fusion-lite/wordpress-wp-fusion-lite-plugin-3-41-24-remote-code-execution-rce-vulnerability?_s_id=cve

CVE-2024-31380 - Soflyy Oxygen Builder is vulnerable to code injection, allowing for improper control of generation of code.

Product: Soflyy Oxygen Builder

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31380

NVD References:

- https://patchstack.com/articles/unpatched-authenticated-rce-in-oxygen-and-breakdance-builder?_s_id=cve

- https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-plugin-4-8-1-auth-remote-code-execution-rce-vulnerability?_s_id=cve

- https://snicco.io/vulnerability-disclosure/oxygen/client-control-remote-code-execution-oxygen-4-8-1?_s_id=cve

CVE-2024-31390 - Soflyy Breakdance is vulnerable to Code Injection in versions from n/a through 1.7.0.

Product: Soflyy Breakdance

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31390

NVD References:

- https://patchstack.com/articles/unpatched-authenticated-rce-in-oxygen-and-breakdance-builder?_s_id=cve

- https://patchstack.com/database/vulnerability/breakdance/wordpress-breakdance-plugin-1-7-0-authenticated-remote-code-execution-rce-vulnerability?_s_id=cve

- https://snicco.io/vulnerability-disclosure/breakdance/client-mode-remote-code-execution-breakdance-1-7-0?_s_id=cve

CVE-2023-25699 - VideoWhisper Live Streaming Integration allows OS Command Injection, affecting versions from n/a through 5.5.15.

Product: VideoWhisper Live Streaming Integration

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25699

NVD References: https://patchstack.com/database/vulnerability/videowhisper-live-streaming-integration/wordpress-broadcast-live-video-live-streaming-html5-webrtc-hls-rtsp-rtmp-plugin-5-5-15-remote-code-execution-rce?_s_id=cve

CVE-2024-24707 - Cwicly Builder, SL allows for Code Injection in versions from n/a through 1.4.0.2.

Product: SL Cwicly Builder

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24707

NVD References:

- https://patchstack.com/database/vulnerability/cwicly/wordpress-cwicly-plugin-1-4-0-2-remote-code-execution-rce-vulnerability?_s_id=cve

- https://snicco.io/vulnerability-disclosure/cwicly/remote-code-execution-cwicly-1-4-0-2?_s_id=cve

CVE-2024-25096 - Canto Inc. Canto allows Code Injection, putting versions from n/a through 3.0.7 at risk of exploitation.

Product: Canto

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25096

NVD References: https://patchstack.com/database/vulnerability/canto/wordpress-canto-plugin-3-0-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve

CVE-2024-3272 - D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L are vulnerable to a very critical issue allowing remote attackers to exploit hard-coded credentials, but the product is no longer supported by the vendor.

Product: D-Link DNS-320L

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3272

NVD References:

- https://github.com/netsecfish/dlink

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.259283

- https://vuldb.com/?id.259283

CVE-2024-2692 - SiYuan version 3.0.3 is susceptible to Server Side XSS, allowing attackers to execute arbitrary commands on the server.

Product: SiYuan version 3.0.3

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2692

NVD References:

- https://fluidattacks.com/advisories/dezco/

- https://github.com/siyuan-note/siyuan/

CVE-2023-36645 - SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function.

Product: ITB-GmbH TradePro

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36645

NVD References: https://github.com/caffeinated-labs/CVE-2023-36645

CVE-2023-3454 - Brocade Fabric OS is vulnerable to remote code execution (RCE) allowing attackers to execute arbitrary code and gain root access to the switch.

Product: Brocade Fabric OS

CVSS Score: 8.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3454

ISC Podcast: https://isc.sans.edu/podcastdetail/8928

NVD References: https://support.broadcom.com/external/content/SecurityAdvisories/0/23215

CVE-2024-25693 - Esri Portal for ArcGIS versions <= 11.2 allows remote authenticated attackers to execute code by exploiting a path traversal vulnerability.

Product: Esri Portal for ArcGIS

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25693

NVD References: https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/

CVE-2024-31218 - Webhood is vulnerable to Missing Authentication for Critical Function in versions 0.9.0 and earlier, allowing an unauthenticated attacker to create admin accounts through the database admin API.

Product: Pocketbase Webhood

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31218

NVD References:

- https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9

- https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2

CVE-2023-48426 - u-boot bug that allows for u-boot shell and interrupt over UART

Product: u-boot

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48426

NVD References: https://source.android.com/docs/security/bulletin/chromecast/2023-12-01

CVE-2024-22004 - Linux Nonsecure operating system is vulnerable to privilege escalation attacks that can lead to secure memory leakage from Trusted Applications due to a length check vulnerability.

Product: Linux Nonsecure operating system

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22004

NVD References: https://support.google.com/product-documentation/answer/14580222?hl=en&ref_topic=12974021&sjid=10751611047462550096-NA

CVE-2024-31848 - CData API Server version < 23.4.8844 using embedded Jetty server is vulnerable to path traversal, allowing remote attackers to gain administrative access.

Product: CData API Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31848

NVD References: https://www.tenable.com/security/research/tra-2024-09

CVE-2024-31849 - CData Connect Java version < 23.4.8846 running on embedded Jetty server is vulnerable to path traversal, enabling an unauthenticated remote attacker to gain administrative access.

Product: CData Connect

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31849

NVD References: https://www.tenable.com/security/research/tra-2024-09

CVE-2024-25029 - IBM Personal Communications 14.0.6 through 15.0.1 contains a vulnerability that permits remote code execution and local privilege escalation, enabling an unprivileged user to execute commands with full privileges on a target computer.

Product: IBM Personal Communications

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25029

NVD References:

- https://exchange.xforce.ibmcloud.com/vulnerabilities/281619

- https://www.ibm.com/support/pages/node/7147672

CVE-2024-3156, CVE-2024-3158, CVE-2024-3159 - Multiple Vulnerabilities in Chromium: Inappropriate implementation in V8; Use after free in Bookmarks; Out of bounds memory access in V8

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3156

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3158

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3159

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3156

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3158

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3159

NVD References: https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html

NVD References: https://issues.chromium.org/issues/329130358

NVD References: https://issues.chromium.org/issues/329965696

NVD References: https://issues.chromium.org/issues/330760873

CVE-2024-31280 - Andy Moyle Church Admin is vulnerable to an unrestricted upload of file with dangerous type flaw from versions n/a through 4.1.5.

Product: Andy Moyle Church Admin

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31280

NVD References: https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-1-5-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2024-31286 - WP Photo Album Plus is vulnerable to an unrestricted upload of file with dangerous type issue before version 8.6.03.005.

Product: J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31286

NVD References: https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-6-03-005-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2024-31345 - Sukhchain Singh Auto Poster allows unrestricted upload of files with dangerous types, posing a security risk in versions from n/a through 1.2.

Product: Sukhchain Singh Auto Poster

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31345

NVD References: https://patchstack.com/database/vulnerability/auto-poster/wordpress-auto-poster-plugin-1-2-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2024-31224 - GPT Academic versions 3.64 through 3.73 are vulnerable to remote code execution due to untrustworthy data deserialization from the client, with the risk mitigated by updating to version 3.74 containing a patch.

Product: GPT Academic gpt_academic

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31224

NVD References:

- https://github.com/binary-husky/gpt_academic/commit/8af6c0cab6d96f5c4520bec85b24802e6e823f35

- https://github.com/binary-husky/gpt_academic/pull/1648

- https://github.com/binary-husky/gpt_academic/security/advisories/GHSA-jcjc-89wr-vv7g

CVE-2023-1083 - MQTT allows an unauthenticated remote attacker to send and receive messages and execute commands on the system.

Product: Philips Hue Smart Bridge

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-1083

NVD References: https://cert.vde.com/en/advisories/VDE-2024-009

CVE-2023-6318 through CVE-2023-6320 - webOS command injection vulnerabilities

Product: LG webOS

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6318

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6319

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6320

NVD References: https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

CVE-2023-45590 - Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 is vulnerable to code injection attacks, enabling malicious execution of unauthorized code via visit to a malicious website.

Product: Fortinet FortiClientLinux

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-45590

NVD References: https://fortiguard.com/psirt/FG-IR-23-087

CVE-2024-20670 - Outlook for Windows Spoofing Vulnerability

Product: Microsoft Outlook

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20670

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20670

CVE-2024-20678 - Remote Procedure Call Runtime Remote Code Execution Vulnerability

Product: Microsoft Windows Operating System

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20678

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20678

CVE-2024-20669, CVE-2024-20688, CVE-2024-20689, CVE-2024-26168, CVE-2024-26171, CVE-2024-26175, CVE-2024-26180, CVE-2024-26189, CVE-2024-26194, CVE-2024-26240, CVE-2024-26250, CVE-2024-28896 through CVE-2024-28898, CVE-2024-28903, CVE-2024-28919 through CVE-2024-28925, CVE-2024-29061, CVE-2024-29062 - Secure Boot Security Feature Bypass Vulnerabilities

Product: Microsoft Windows

CVSS Scores: 6.3-8.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20669

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20688

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20689

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26168

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26171

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26175

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26180

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26189

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26194

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26240

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26250

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28896

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28897

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28898

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28903

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28919

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28920

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28921

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28922

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28923

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28924

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28925

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29061

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29062

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20669

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20688

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20689

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26168

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26171

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26175

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26180

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26189

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26194

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26240

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26250

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28896

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28897

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28898

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28903

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28919

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28920

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28921

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28922

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28923

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28924

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28925

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29061

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29062

CVE-2024-20693 & CVE-2024-26218 - Windows Kernel Elevation of Privilege Vulnerabilities

Product: Microsoft Windows Kernel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20693

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26218

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20693

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26218

CVE-2024-21324, CVE-2024-29054 & CVE-2024-29055 - Microsoft Defender for IoT Elevation of Privilege Vulnerabilities

Product: Microsoft Defender for IoT

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21324

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29054

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29055

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21324

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29054

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29055

CVE-2024-21409 - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

Product: Microsoft .NET Framework and Visual Studio

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21409

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409

CVE-2024-21447 - Windows Authentication Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21447

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21447

CVE-2024-26158 - Microsoft Install Service Elevation of Privilege Vulnerability

Product: Microsoft Install Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26158

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158

CVE-2024-26195, CVE-2024-26202, CVE-2024-26212, CVE-2024-26215 - DHCP Server Service Remote Code Execution and Denial of Service Vulnerabilities

Product: Microsoft DHCP Server Service

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26195

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26202

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26212

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26215

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26195

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26202

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26212

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26215

CVE-2024-26179, CVE-2024-26200, CVE-2024-26205 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerabilities

Product: Microsoft Windows Routing and Remote Access Service (RRAS)

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26179

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26200

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26205

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26179

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26200

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26205

CVE-2024-26208 & CVE-2024-26232 - Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerabilities

Product: Microsoft Message Queuing (MSMQ)

CVSS Scores: 7.2 & 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26208

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26232

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26208

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26232

CVE-2024-26211 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Product: Microsoft Windows Remote Access Connection Manager

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26211

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26211

CVE-2024-26210 & CVE-2024-26244 - Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerabilities

Product: Microsoft WDAC OLE DB Provider

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26210

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26244

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26244

CVE-2024-26214 - Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability

Product: Microsoft SQL Server ODBC Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26214

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26214

CVE-2024-26216 - Windows File Server Resource Management Service Elevation of Privilege Vulnerability

Product: Microsoft Windows File Server

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26216

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26216

CVE-2024-26219 - HTTP.sys Denial of Service Vulnerability

Product: Microsoft HTTP.sys

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26219

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26219

CVE-2024-26221 through CVE-2024-26224, CVE-2024-26227 through CVE-2024-26231, CVE-2024-26233 - Windows DNS Server Remote Code Execution Vulnerabilities

Product: Microsoft Windows DNS Server

CVSS Scores: 7.2 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26221

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26222

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26223

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26224

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26227

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26228

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26229

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26230

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26231

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26233

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26221

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26222

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26223

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26224

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26227

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26228

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26230

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26231

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26233

CVE-2024-26235 & CVE-2024-26236 - Windows Update Stack Elevation of Privilege Vulnerabilities

Product: Microsoft Windows Update Stack

CVSS Scores: 7.0 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26235

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26236

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26235

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26236

CVE-2024-26237 - Windows Defender Credential Guard Elevation of Privilege Vulnerability

Product: Microsoft Windows Defender

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26237

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26237

CVE-2024-26239 & CVE-2024-26242 - Windows Telephony Server Elevation of Privilege Vulnerability

Product: Microsoft Windows Telephony Server

CVSS Scores: 7.0 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26239

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26242

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26239

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26242

CVE-2024-26241 - Win32k Elevation of Privilege Vulnerability

Product: Microsoft Win32k

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26241

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26241

CVE-2024-26243 - Windows USB Print Driver Elevation of Privilege Vulnerability

Product: Windows USB Print Driver

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26243

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26243

CVE-2024-26245 - Windows SMB Elevation of Privilege Vulnerability

Product: Microsoft Windows SMB

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26245

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26245

CVE-2024-26248 - Windows Kerberos Elevation of Privilege Vulnerability

Product: Microsoft Windows Kerberos

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26248

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26248

CVE-2024-26254 - Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability

Product: Microsoft Virtual Machine Bus (VMBus)

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26254

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26254

CVE-2024-26256 - libarchive Remote Code Execution Vulnerability

Product: libarchive

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26256

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256

CVE-2024-26257 - Microsoft Excel Remote Code Execution Vulnerability

Product: Microsoft Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26257

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26257

CVE-2024-26213, CVE-2024-28904, CVE-2024-28905, CVE-2024-28907 - Microsoft Brokering File System Elevation of Privilege Vulnerabilities

Product: Microsoft Brokering File System

CVSS Scores: 7.0 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26213

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28904

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28905

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28907

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26213

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28904

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28905

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28907

CVE-2024-28906, CVE-2024-28908 through CVE-2024-28915, CVE-2024-28926, CVE-2024-28927, CVE-2024-28939, CVE-2024-28940, CVE-2024-28942, CVE-2024-28944, CVE-2024-28945, CVE-2024-29044 through CVE-2024-29048, CVE-2024-29982 through CVE-2024-29985 - Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabilities

Product: Microsoft OLE DB Driver for SQL Server

CVSS Score: 7.5 - 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28906

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28908

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28909

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28910

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28911

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28912

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28913

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28914

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28915

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28926

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28927

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28939

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28940

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28942

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28944

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28945

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29044

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29045

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29046

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29047

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29048

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29982

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29983

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29984

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29985

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28906

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28908

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28909

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28910

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28911

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28912

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28913

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28914

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28915

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28926

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28927

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28939

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28940

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28944

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28945

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29044

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29045

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29046

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29047

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29048

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29982

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29983

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29984

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29985

CVE-2024-28929 through CVE-2024-28938, CVE-2024-28941, CVE-2024-28943, CVE-2024-29043 - Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Product: Microsoft ODBC Driver for SQL Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28929

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28930

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28931

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28932

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28933

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28934

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28935

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28936

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28937

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28938

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28941

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28943

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29043

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28929

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28931

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28932

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28934

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28936

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28937

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28938

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28941

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28943

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29043

CVE-2024-29050 - Windows Cryptographic Services Remote Code Execution Vulnerability

Product: Microsoft Windows Cryptographic Services

CVSS Score: 8.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29050

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29050

CVE-2024-29052 - Windows Storage Elevation of Privilege Vulnerability

Product: Microsoft Windows Storage

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29052

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29052

CVE-2024-29063 - Azure AI Search Information Disclosure Vulnerability

Product: Azure AI Search

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29063

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29063

CVE-2024-29066 - Windows Distributed File System (DFS) Remote Code Execution Vulnerability

Product: Microsoft Windows Distributed File System (DFS)

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29066

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29066

CVE-2024-29988 - SmartScreen Prompt Security Feature Bypass Vulnerability

Product: Microsoft SmartScreen Prompt

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29988

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988

CVE-2024-29989 - Azure Monitor Agent Elevation of Privilege Vulnerability

Product: Microsoft Azure Monitor Agent

CVSS Score: 8.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29989

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29989

CVE-2024-29993 - Azure CycleCloud Elevation of Privilege Vulnerability

Product: Microsoft Azure CycleCloud

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29993

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29993

CVE-2024-24576 - Rust had a critical vulnerability in its standard library prior to version 1.77.2 on Windows, allowing attackers to execute arbitrary shell commands by bypassing escaping when invoking batch files with untrusted arguments.

Product: Rust

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24576

NVD References:

- https://doc.rust-lang.org/std/io/enum.ErrorKind.html#variant.InvalidInput

- https://doc.rust-lang.org/std/os/windows/process/trait.CommandExt.html#tymethod.raw_arg

- https://doc.rust-lang.org/std/process/struct.Command.html

- https://doc.rust-lang.org/std/process/struct.Command.html#method.arg

- https://doc.rust-lang.org/std/process/struct.Command.html#method.args

- https://github.com/rust-lang/rust/issues

- https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh

- https://www.rust-lang.org/policies/security

CVE-2024-1813 - The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection up to version 2.11.0, allowing unauthenticated attackers to inject a PHP Object and potentially delete files, retrieve data, or execute code.

Product: WordPress Simple Job Board plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-1813

NVD References:

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3051715%40simple-job-board&old=3038476%40simple-job-board&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/89584034-4a93-42a6-8fef-55dc3895c45c?source=cve

CVE-2024-2804 - The Network Summary plugin for WordPress is vulnerable to SQL Injection through the 'category' parameter in all versions up to 2.0.11, allowing unauthenticated attackers to access sensitive database information.

Product: WordPress Network Summary plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2804

NVD References:

- https://plugins.trac.wordpress.org/browser/network-summary/trunk/includes/class-network-summary.php#L225

- https://www.wordfence.com/threat-intel/vulnerabilities/id/3320c182-b1f9-4e06-92ea-0fa670557dd0?source=cve

CVE-2024-3136 - The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion up to version 3.3.3, allowing unauthenticated attackers to execute arbitrary files on the server.

Product: MasterStudy LMS plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3136

NVD References:

- https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/helpers.php

- https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/templates.php

- https://www.wordfence.com/threat-intel/vulnerabilities/id/9a573740-cdfe-4b58-b33b-5e50bcbc4779?source=cve

CVE-2024-3119 & CVE-2024-3120 - Sngrep buffer overflow vulnerabilities

Product: sngrep

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3119

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3120

NVD References:

- https://github.com/irontec/sngrep/pull/480/commits/73c15c82d14c69df311e05fa75da734faafd365f

- https://github.com/irontec/sngrep/pull/480/commits/f229a5d31b0be6a6cc3ab4cd9bfa4a1b5c5714c6

- https://github.com/irontec/sngrep/releases/tag/v1.8.1

- https://pentraze.com/vulnerability-reports/

CVE-2019-3816 & CVE-2019-3833 - -- no description --

Product: OpenWSMAN, versions up to and including 2.6.9

OpenSUSE Leap 42.3

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-3816

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-3833

ISC Diary: https://isc.sans.edu/diary/30822

NVD References:

- https://bugzilla.suse.com/show_bug.cgi?id=1122623

CVE-2024-23593 - Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell

Product: Lenovo Zero Out Boot Manager

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23593

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-23593

CVE-2024-23594 - Lenovo: CVE-2024-23594 Stack buffer overflow in Lenovo system recovery boot manager

Product: Lenovo System Recovery Boot Manager

CVSS Score: 6.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23594

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-23594

The following vulnerability need a manual review:

CVE-2024-2201 - A critical flaw in Netentsec NS-ASG Application Security Gateway 6.3 can lead to an SQL injection vulnerability

Product: Netentsec NS-ASG Application Security Gateway 6.3

CVSS Score: N/A

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2021

NVD References:

- https://github.com/dtxharry/cve/blob/main/cve.md

- https://vuldb.com/?id.255300