Request a Demo
Rewterz
Multiple Microsoft OLE DB Driver for SQL Server Vulnerabilities
July 11, 2024
Rewterz
FormBook Malware – Active IOCs
July 12, 2024

Multiple Microsoft Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-30061 CVSS:7.3

Microsoft Dynamics 365 (On-Premises) could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially crafted content, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-38020 CVSS:6.5

Microsoft Outlook could allow a remote attacker to conduct spoofing attacks.

CVE-2024-35261 CVSS:7.8

Microsoft Azure Network Watcher VM Extension could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38092 CVSS:8.8

Microsoft Azure CycleCloud could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38086 CVSS:6.4

Microsoft Azure Kinect SDK could allow a physical attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38095 CVSS:7.5

Microsoft .NET and Visual Studio are vulnerable to a denial of service. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-38089 CVSS:9.1

Microsoft Defender for IoT could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-35267 CVSS:7.6

Microsoft Windows Active Directory Federation Server could allow a remote authenticated attacker to conduct spoofing attacks.

CVE-2024-38023 CVSS:7.2

Microsoft SharePoint Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38094 CVSS:7.2

Microsoft SharePoint could allow a remote attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38081 CVSS:7.3

Microsoft .NET could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-30105 CVSS:7.5

Microsoft .NET is vulnerable to a denial of service. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-32987 CVSS:7.5

Microsoft SharePoint Server could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2024-35266 CVSS:7.6

Microsoft Azure DevOps Server could allow a remote authenticated attacker to conduct spoofing attacks.

CVE-2024-38021 CVSS:8.8

Microsoft Office could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-34122 CVSS:7.3

Microsoft Edge (Chromium-based) could allow a remote attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

  • Denial of Service
  • Gain Access
  • Code Execution
  • Privilege Escalation
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2024-30061
  • CVE-2024-38020
  • CVE-2024-35261
  • CVE-2024-38092
  • CVE-2024-38086
  • CVE-2024-38095
  • CVE-2024-38089
  • CVE-2024-35267
  • CVE-2024-38023
  • CVE-2024-38094
  • CVE-2024-38081
  • CVE-2024-30105
  • CVE-2024-32987
  • CVE-2024-35266
  • CVE-2024-38021
  • CVE-2024-34122

Affected Vendors

Microsoft

Affected Products

  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft Defender for IoT
  • Microsoft SharePoint Server 2019
  • Microsoft SharePoint Server Subscription Edition
  • Microsoft Edge (Chromium-based)
  • Microsoft Azure Network Watcher VM Extension
  • Microsoft Azure DevOps Server 2020.1.2
  • Microsoft .NET 8.0
  • Microsoft Dynamics 365 (on-premises) version 9.1
  • Microsoft 365 Apps for Enterprise for 32-bit Systems
  • Microsoft 365 Apps for Enterprise for 64-bit Systems
  • Microsoft Azure CycleCloud 8.6.0
  • Microsoft Visual Studio
  • Microsoft Office 2016 (32-bit edition)
  • Microsoft Office 2016 (64-bit edition)
  • Microsoft Office 2019 for 32-bit editions
  • Microsoft Office 2019 for 64-bit editions
  • Microsoft Office LTSC 2021 for 32-bit editions
  • Microsoft Office LTSC 2021 for 64-bit editions
  • Microsoft Outlook 2016 (32-bit edition)
  • Microsoft Outlook 2016 (64-bit edition)

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-30061

CVE-2024-38020

CVE-2024-35261

CVE-2024-38092

CVE-2024-38086

CVE-2024-38095

CVE-2024-38089

CVE-2024-35267

CVE-2024-38023

CVE-2024-38094

CVE-2024-38081

CVE-2024-30105

CVE-2024-32987

CVE-2024-35266

CVE-2024-38021

CVE-2024-34122