Request a Demo
Enhancing Your Cybersecurity Posture by Outsourcing Your Security Operations Centre (SOC)
December 26, 2024
Rewterz
Mirai Botnet aka Katana – Active IOCs
December 27, 2024

Multiple Microsoft Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-49065 CVSS:5.5

Microsoft Office could allow a local attacker to execute arbitrary code on the system. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-49062 CVSS:6.5

Microsoft SharePoint could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2024-49103 CVSS:4.3

Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by out-of-bounds read in Wireless Wide Area Network Service (WwanSvc). By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.

CVE-2024-49101 CVSS:6.6

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a out-of-bounds read in Wireless Wide Area Network Service (WwanSvc). By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-49099 CVSS:4.3

Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by out-of-bounds read in Wireless Wide Area Network Service (WwanSvc). By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.

CVE-2024-49098 CVSS:4.3

Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by out-of-bounds read Wireless Wide Area Network Service (WwanSvc). By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.

CVE-2024-49094 CVSS:6.6

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a heap-based buffer overflow in Wireless Wide Area Network Service (WwanSvc). By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-49092 CVSS:6.8

Microsoft Windows Mobile Broadband Driver could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds read in mobile broadband drive. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-49087 CVSS:4.6

Microsoft Windows could allow a physical attacker to obtain sensitive information, caused by a flaw in the Mobile Broadband Driver component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2024-49073 CVSS:6.8

Microsoft Windows could allow a local attacker to gain elevated privileges on the system, caused by a flaw in Mobile Broadband Driver component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to escalate privileges.

CVE-2024-49064 CVSS:6.5

Microsoft SharePoint could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.

Impact

  • Information Disclosure
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-49065
  • CVE-2024-49062
  • CVE-2024-49103
  • CVE-2024-49101
  • CVE-2024-49099
  • CVE-2024-49098
  • CVE-2024-49094
  • CVE-2024-49092
  • CVE-2024-49087
  • CVE-2024-49073
  • CVE-2024-49064

Affected Vendors

Microsoft

Affected Products

  • Microsoft Windows Server 2022
  • Microsoft Windows 10 Version 1809 - 10.0.0
  • Microsoft 365 Apps for Enterprise - 16.0.1
  • Microsoft Office 2019 - 19.0.0
  • Microsoft Windows 10 Version 21H2 - 10.0.0
  • Microsoft Windows 11 version 22H3 - 10.0.0
  • Microsoft Windows Server 2019 - 10.0.0
  • Microsoft Windows Server 2019 (Server Core installation) - 10.0.0
  • Microsoft Windows 11 Version 23H2 - 10.0.0
  • Microsoft SharePoint Enterprise Server 2016 - 16.0.0
  • Microsoft SharePoint Server 2019 - 16.0.0
  • Microsoft SharePoint Server Subscription Edition - 16.0.0
  • Microsoft Windows Server 2025 - 10.0.0 - 10.0.0
  • Microsoft Windows 11 Version 24H2 - 10.0.0 - 10.0.0
  • Microsoft Microsoft SharePoint Server Subscription Edition - 16.0.0
  • Microsoft Microsoft SharePoint Server 2019 - 16.0.0

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-49065

CVE-2024-49062

CVE-2024-49103

CVE-2024-49101

CVE-2024-49099

CVE-2024-49098

CVE-2024-49094

CVE-2024-49092

CVE-2024-49087

CVE-2024-49073

CVE-2024-49064