Severity
High
Analysis Summary
CVE-2024-32004 CVSS:8.1
MinGit software, which is consumed by Microsoft Visual Studio, could allow a remote attacker to execute arbitrary code on the system, caused by a path traversal vulnerability. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-30046 CVSS:5.9
Microsoft Visual Studio is vulnerable to a denial of service. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-30048 CVSS:7.6
Dynamics 365 Customer Insights is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-30047 CVSS:7.6
Dynamics 365 Customer Insights is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-30045 CVSS:6.3
Microsoft .NET and Visual Studio could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-30054 CVSS:6.5
Microsoft Power BI Client JavaScript SDK could allow a remote attacker to obtain sensitive information. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-30006 CVSS:8.8
Microsoft WDAC OLE DB Provider for SQL Server could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-30041 CVSS:5.4
Microsoft Bing Search for Android could allow a remote attacker to conduct spoofing attacks.
CVE-2024-30053 CVSS:6.5
Microsoft Azure Migrate is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-32002 CVSS:9
MinGit software, which is consumed by Microsoft Visual Studio, could allow a remote attacker to execute arbitrary code on the system, caused by a path traversal vulnerability. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-30044 CVSS:8.8
Microsoft SharePoint Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-30042 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-30059 CVSS:6.1
Microsoft Intune for Android could allow a local authenticated attacker to bypass security restrictions, caused by improper access control in the Mobile Application Management component. An attacker could exploit this vulnerability to gain access to sensitive files.
CVE-2024-30043 CVSS:6.5
Microsoft SharePoint Server could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-30055 CVSS:5.4
Microsoft Edge (Chromium-based) could allow a remote attacker to conduct a spoofing attack. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to conduct a spoofing attack.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Cross-Site Scripting
- Information Disclosure
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-32004
- CVE-2024-30046
- CVE-2024-30048
- CVE-2024-30047
- CVE-2024-30045
- CVE-2024-30054
- CVE-2024-30006
- CVE-2024-30041
- CVE-2024-30053
- CVE-2024-32002
- CVE-2024-30044
- CVE-2024-30042
- CVE-2024-30059
- CVE-2024-30043
- CVE-2024-30055
Affected Vendors
Affected Products
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft SharePoint Enterprise Server 2016
- Microsoft Windows 10 1809 for 32-bit Systems
- Microsoft Windows Server (Server Core installation) 2004
- Microsoft Windows 10 1809 for x64-based Systems
- Microsoft Windows 10 1809 for ARM64-based Systems
- Microsoft Windows 10 1909 for 32-bit Systems
- Microsoft Windows 10 1909 for x64-based Systems
- Microsoft Windows 10 1909 for ARM64-based Systems
- Microsoft Windows 10 20H2 for 32-bit Systems
- Microsoft Windows 10 20H2 for ARM64-based Systems
- Microsoft Windows 10 20H2 for x64-based Systems
- Microsoft Windows Server (Server Core installation) 2019
- Microsoft Windows Server (Server Core installation) 20H2
- Microsoft Windows Server (Server Core installation) 2016
- Microsoft Windows 10 21H1 for 32-bit Systems
- Microsoft Windows 10 21H1 for x64-based Systems
- Microsoft Windows Server (Server Core installation) 2022
- Microsoft Windows 11 x64
- Microsoft Windows 11 ARM64
- Microsoft Windows 10 1607 for 32-bit Systems
- Microsoft Windows 10 1607 for x64-based Systems
- Microsoft Windows 10 21H2 for ARM64-based Systems
- Microsoft Windows 10 21H2 for x64-based Systems
- Microsoft Azure Migrate
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Edge (Chromium-based)
- Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems 1809
- Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019
- Microsoft Visual Studio 2017 15.9
- Microsoft Visual Studio 2022 17.2
- Microsoft Dynamics 365 (on-premises) 9.1
- Microsoft SQL Server 2019 for X64-based systems (GDR) x64
- Microsoft SQL Server 2022 for X64-based systems (GDR) x64
- Microsoft Visual Studio 2022 17.4
- Microsoft OLE DB Driver 19 for SQL Server
- Microsoft OLE DB Driver 18 for SQL Server
- Microsoft Visual Studio 2022 17.6
- Microsoft Visual Studio 2022 17.7
- Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for ARM64-based Systems 1809
- Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for X64-based Systems 1809
- Microsoft Intune Company Portal for Android
- Microsoft SQL Server 2019 for x64-based Systems (CU 25)
- Microsoft SQL Server 2022 for x64-based Systems (CU 12)
- Microsoft SQL Server 2022 for x64-based Systems (GDR)
- Microsoft Power BI Client JavaScript SDK
- Microsoft Bing Search for Android
- Git 2.39.3
- Git 2.40.1
- Git 2.41.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.