Severity
High
Analysis Summary
CVE-2024-49029 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-49030 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system, caused by a heap-based buffer overflow. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-49028 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-49027 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-49026 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system, caused by a command injection error. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-49060 CVSS:8.8
Microsoft Azure Stack HCI could allow a local authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2024-43613 CVSS:7.2
Microsoft Azure Database for PostgreSQL could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request to an Azure Database for PostgreSQL Flexible Server with specific non-default functionality enabled, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2024-49042 CVSS:7.2
Microsoft Azure Database for PostgreSQL could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request to an Azure Database for PostgreSQL Flexible Server with specific non-default functionality enabled, an attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
- Code Execution
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-49029
- CVE-2024-49030
- CVE-2024-49028
- CVE-2024-49027
- CVE-2024-49026
- CVE-2024-49060
- CVE-2024-43613
- CVE-2024-49042
Affected Vendors
- Microsoft
Affected Products
- Microsoft 365 Apps for Enterprise - 16.0.1
- Microsoft Office 2019 - 19.0.0
- Microsoft Office LTSC for Mac 2021 - 16.0.1
- Microsoft Azure Stack HCI - 10.2408.1.9
- Microsoft Azure Database for PostgreSQL Flexible Server - 16.4.0
- Microsoft Azure Database for PostgreSQL Flexible Server - 15.8
- Microsoft Azure Database for PostgreSQL Flexible Server - 14.13
- Microsoft Azure Database for PostgreSQL Flexible Server - 13.16
- Microsoft Azure Database for PostgreSQL Flexible Server - 12.20
- Microsoft Office LTSC for Mac 2024 - 1.0.0
- Microsoft Excel 2016 - 16.0.0.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.