Request a Demo
Rewterz
ICS: Multiple Siemens Products Vulnerabilities
August 16, 2024
Rewterz
AWS Misconfiguration Exposes Data Across 110,000 Domains – Active IOCs
August 17, 2024

Multiple Microsoft Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-38109 CVSS:9.1

Microsoft Azure Health Bot could allow a remote attacker to gain elevated privileges on the system, caused by a server-side request forgery vulnerability. An attacker could exploit this vulnerability to elevate privileges over a network.

CVE-2024-38169 CVSS:7.8

Microsoft Office Visio could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38171 CVSS:7.8

Microsoft PowerPoint could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38163 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Update Stack component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38146 CVSS:7.5

Microsoft Windows is vulnerable to a denial of service, caused by a flaw in Layer-2 Bridge Network component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-38158 CVSS:7

Microsoft Azure IoT SDK could allow a local authenticated attacker to execute arbitrary code on the system. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38141 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, cause by a flaw in the Ancillary Function Driver for WinSock component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38155 CVSS:5.5

Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Security Center Broker component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2024-38168 CVSS:7.5

Microsoft .NET and Visual Studio are vulnerable to a denial of service. By persuading a victim to open a specially crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-38172 CVSS:7.8

Microsoft Excel could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38162 CVSS:7.8

Microsoft Azure Connected Machine Agent could allow a local attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38173 CVSS:6.7

Microsoft Outlook could allow a local authenticated attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38063 CVSS:9.8

Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the TCP/IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38161 CVSS:6.8

Microsoft Windows could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the Mobile Broadband Driver component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38118 CVSS:5.5

Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Local Security Authority (LSA) Server component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2024-38135 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in NT OS Kernel component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38184 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Kernel-Mode Driver component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38177 CVSS:7.8

Microsoft Windows App Installer could allow a remote attacker to conduct spoofing attacks.

CVE-2024-38222 CVSS:6.5

Microsoft Edge (Chromium-based) could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2024-38211 CVSS:8.2

Microsoft Dynamics 365 (on-premises) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Impact

  • Denial of Service
  • Gain Access
  • Code Execution
  • Privilege Escalation
  • Cross-Site Scripting
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2024-38109
  • CVE-2024-38169
  • CVE-2024-38171
  • CVE-2024-38163
  • CVE-2024-38146
  • CVE-2024-38158
  • CVE-2024-38141
  • CVE-2024-38155
  • CVE-2024-38168
  • CVE-2024-38172
  • CVE-2024-38162
  • CVE-2024-38173
  • CVE-2024-38063
  • CVE-2024-38161
  • CVE-2024-38118
  • CVE-2024-38135
  • CVE-2024-38184
  • CVE-2024-38177
  • CVE-2024-38222
  • CVE-2024-38211

Affected Vendors

Microsoft

Affected Products

  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Edge (Chromium-based)
  • Microsoft Dynamics 365 (on-premises) 9.1
  • Microsoft .NET 8.0
  • Microsoft Windows 11 version 21H2 for ARM64-based Systems
  • Microsoft Windows 11 version 21H2 for x64-based Systems
  • Microsoft 365 Apps for Enterprise for 32-bit Systems
  • Microsoft Visual Studio 2022 version 17.6
  • Microsoft Windows 10 Version 1507 - 10.0.0
  • Microsoft Windows 10 Version 1607 - 10.0.0
  • Microsoft Windows 10 Version 1607 for 32-bit Systems - 1607
  • Microsoft Windows 10 Version 1607 for x64-based Systems - 1607
  • Microsoft Windows 10 Version 1809 - 10.0.0
  • Microsoft Windows 10 Version 1809 for 32-bit Systems - 1809
  • Microsoft Windows 10 Version 1809 for ARM64-based Systems - 1809
  • Microsoft Windows 10 Version 1809 for x64-based Systems - 1809
  • Microsoft 365 Apps for Enterprise - 16.0.1
  • Microsoft Office 2019 - 19.0.0
  • Microsoft Azure Health Bot
  • Microsoft Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Microsoft Office 2019 - 19.0.0
  • Microsoft Windows 10 Version 21H2 - 10.0.0
  • Microsoft Windows 10 Version 21H2 for 32-bit Systems - 21H2
  • Microsoft Windows 10 Version 21H2 for 32-bit Systems - 21H2 Microsoft Windows 10 Version 21H2 for ARM64-based Systems - 21H2
  • Microsoft Windows 10 Version 21H2 for x64-based Systems - 21H2
  • Microsoft Windows 10 Version 22H2 - 10.0.0
  • Microsoft Windows 11 version 21H2 - 10.0.0
  • Microsoft Windows 10 Version 22H2 for 32-bit Systems - 22H2
  • Microsoft Windows 10 Version 22H2 for x64-based Systems - 22H2
  • Microsoft Windows 11 Version 23H2 for ARM64-based Systems - 23H2
  • Microsoft Windows 11 Version 23H2 for x64-based Systems - 23H2
  • Microsoft azure-uamqp-c
  • Microsoft C SDK for Azure IoT - 0
  • Microsoft .NET 8.0 - 1.0.0
  • Microsoft Visual Studio 2022 version 17.10
  • Microsoft Visual Studio 2022 version 17.10 - 17.10
  • Microsoft Visual Studio 2022 version 17.6 - 17.6.0
  • Microsoft Visual Studio 2022 version 17.8 - 17.8.0
  • Microsoft Azure Connected Machine Agent - 1.0.0
  • Microsoft App Installer - 1.0.0.0

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-38109

CVE-2024-38169

CVE-2024-38171

CVE-2024-38163

CVE-2024-38146

CVE-2024-38158

CVE-2024-38141

CVE-2024-38155

CVE-2024-38168

CVE-2024-38172

CVE-2024-38162

CVE-2024-38173

CVE-2024-38063

CVE-2024-38161

CVE-2024-38118

CVE-2024-38135

CVE-2024-38184

CVE-2024-38177

CVE-2024-38222

CVE-2024-38211