

Severity
High
Analysis Summary
CVE-2024-38225 CVSS:8.8
Microsoft Dynamics 365 Business Central could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-43492 CVSS:7.8
Microsoft AutoUpdate (MAU) could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38257 CVSS:7.5
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by a flaw in the AllJoyn API component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-43466 CVSS:6.5
Microsoft SharePoint Server is vulnerable to a denial of service. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-37337 CVSS:7.1
Microsoft SQL Server could allow a remote attacker to obtain sensitive information, caused by a flaw in the Native Scoring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-37966 CVSS:7.1
Microsoft SQL Server could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the Native Scoring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-26191 CVSS:8.8
Microsoft SQL Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Native Scoring component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38217 CVSS:5.4
Microsoft Windows could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability to bypass a security feature, with an impact on integrity and availability.
CVE-2024-38256 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Kernel-Mode Driver component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-38263 CVSS:7.5
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Remote Desktop Licensing Service component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-43491 CVSS:9.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Update component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38239 CVSS:7.2
Microsoft Windows could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kerberos component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-43458 CVSS:7.7
Microsoft Windows could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the Networking component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-38046 CVSS:7.8
Microsoft Windows could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the PowerShell component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-37341 CVSS:8.8
Microsoft SQL Server could allow a remote authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
Impact
- Denial of Service
- Security Bypass
- Code Execution
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-38225
- CVE-2024-43492
- CVE-2024-38257
- CVE-2024-43466
- CVE-2024-37337
- CVE-2024-37966
- CVE-2024-26191
- CVE-2024-38217
- CVE-2024-38256
- CVE-2024-38263
- CVE-2024-43491
- CVE-2024-38239
- CVE-2024-43458
- CVE-2024-38046
- CVE-2024-37341
Affected Vendors
- Microsoft
Affected Products
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft SharePoint Enterprise Server 2016
- Microsoft Windows Server 2022
- Microsoft ODBC Driver 17 for SQL Server
- Microsoft SQL Server 2022 for x64-based Systems (GDR)
- Microsoft Dynamics 365 Business Central 2023 Release Wave 2
- Microsoft Windows 10 Version 1507 - 10.0.0
- Microsoft Windows 10 Version 1607 for 32-bit Systems - 1607
- Microsoft Windows 10 Version 1607 for x64-based Systems - 1607
- Microsoft Windows 10 Version 1809 - 10.0.0
- Microsoft Windows 10 Version 21H2 - 10.0.0
- Microsoft Windows 10 Version 22H2 - 10.0.0
- Microsoft Windows 11 version 21H2 - 10.0.0
- Microsoft Windows 11 version 22H2 - 10.0.0
- Microsoft Windows Server 2016 - 10.0.0
- Microsoft Windows Server 2019 - 10.0.0
- Microsoft Windows Server 2019 (Server Core installation) - 10.0.0
- Microsoft Windows Server 2022 - 10.0.0
- Microsoft SQL Server 2017 (GDR) - 14.0.0
- Microsoft SQL Server 2019 (GDR) - 15.0.0
- Microsoft SQL Server 2016 Service Pack 3 (GDR) - 13.0.0
- Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack - 13.0.0
- Microsoft Windows Server 2016 (Server Core installation) - 10.0.0
- Microsoft SharePoint Enterprise Server 2016 - 16.0.0
- Microsoft SharePoint Server 2019 - 16.0.0
- Microsoft SharePoint Server Subscription Edition - 16.0.0
- Microsoft SQL Server 2017 (CU 31) - 14.0.0
- Microsoft SQL Server 2022 (GDR) - 16.0.0
- Microsoft Dynamics 365 Business Central 2023 Release Wave 1 - 22.0.0
- Microsoft Dynamics 365 Business Central 2024 Release Wave 1 - 24.0
- Microsoft Dynamics 365 Business Central 2023 Release Wave 2 - 23.0.0
- Microsoft AutoUpdate for Mac
- Microsoft SQL Server 2022 for (CU 14) - 16.0.0
- Microsoft SQL Server 2019 (CU 28) - 15.0.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.