

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
March 20, 2024
Rewterz Threat Advisory – Multiple Dell PowerEdge and Precision Rack Vulnerabilities
March 20, 2024
Severity
High
Analysis Summary
CVE-2024-26165 CVSS:8.8
Microsoft Visual Studio Code could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-21432 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Update Stack. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2024-21411 CVSS:8.8
Microsoft Skype for Consumer could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-21330 CVSS:7.8
Microsoft Azure Open Management Infrastructure (OMI) could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-26203 CVSS:7.3
Microsoft Azure Data Studio could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to obtain the privileges of the user who is running the affected application.
CVE-2024-21400 CVSS:9
Microsoft Azure Kubernetes Service Confidential Containers could allow a remote attacker to gain elevated privileges on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
Impact
- Privilege Escalation
- Gain Access
Indicators Of Compromise
CVE
- CVE-2024-26165
- CVE-2024-21432
- CVE-2024-21411
- CVE-2024-21330
- CVE-2024-26203
- CVE-2024-21400
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2022
- Microsoft Visual Studio Code
- Microsoft System Center Operations Manager (SCOM) 2019
- Microsoft System Center Operations Manager (SCOM) 2022
- Microsoft Windows Server 2019 (Server Core installation)
- Microsoft Windows Server 2022 (Server Core installation)
- Microsoft Azure Kubernetes Service Confidential Containers
- Microsoft Windows 10 Version 1607 for 32-bit Systems
- Microsoft Windows 10 Version 1607 for x64-based Systems
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for ARM64-based Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows 10 Version 21H2 for 32-bit Systems
- Microsoft Windows 10 Version 21H2 for ARM64-based Systems
- Microsoft Windows 10 Version 21H2 for x64-based Systems
- Microsoft Windows 10 Version 22H2 for 32-bit Systems
- Microsoft Windows 10 Version 22H2 for ARM64-based Systems
- Microsoft Windows 10 Version 22H2 for x64-based Systems
- Microsoft Windows 11 version 21H2 for ARM64-based Systems
- Microsoft Windows 11 version 21H2 for x64-based Systems
- Microsoft Windows 11 Version 22H2 for ARM64-based Systems
- Microsoft Windows 11 Version 22H2 for x64-based Systems
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems
- Microsoft Windows Server 2012 (Server Core installation)
- Microsoft Windows Server 2012 R2 (Server Core installation)
- Microsoft Windows Server 2016 (Server Core installation)
- Microsoft Windows 11 Version 23H2 for x64-based Systems
- Microsoft Open Management Infrastructure
- Microsoft Skype for Consumer
- Microsoft Azure Data Studio
- Microsoft Operations Management Suite Agent for Linux (OMS)
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.