June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Cisco Products Vulnerabilities
January 21, 2025
ValleyRAT Delivered Through Sophisticated PNGPlug Loader in Cyber Attacks – Active IOCs
January 21, 2025
Multiple Cisco Products Vulnerabilities
January 21, 2025
ValleyRAT Delivered Through Sophisticated PNGPlug Loader in Cyber Attacks – Active IOCs
January 21, 2025
Severity
High
Analysis Summary
CVE-2024-49052 CVSS:8.2
Microsoft Azure PolicyWatch could allow a remote attacker to gain elevated privileges on the system, caused by missing authentication for critical functions. An attacker could exploit this vulnerability to elevate privileges over a network.
CVE-2025-21361 CVSS:7.8
Microsoft Outlook Remote Code Execution Vulnerability.
CVE-2025-21360 CVSS:7.8
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability.
Impact
- Code Execution
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2024-49052
CVE-2025-21361
CVE-2025-21360
Affected Vendors
Microsoft
Affected Products
- Microsoft Office LTSC for Mac 2021 - 16.0.1
- Microsoft Office LTSC for Mac 2024 - 1.0.0
- Microsoft Azure Functions
- Microsoft Outlook for Mac - 1.0.0
- Microsoft AutoUpdate for Mac - 0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
