April 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Microsoft OLE DB Driver for SQL Server Vulnerabilities
July 11, 2024FormBook Malware – Active IOCs
July 12, 2024Multiple Microsoft OLE DB Driver for SQL Server Vulnerabilities
July 11, 2024FormBook Malware – Active IOCs
July 12, 2024
Severity
High
Analysis Summary
CVE-2024-30061 CVSS:7.3
Microsoft Dynamics 365 (On-Premises) could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially crafted content, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-38020 CVSS:6.5
Microsoft Outlook could allow a remote attacker to conduct spoofing attacks.
CVE-2024-35261 CVSS:7.8
Microsoft Azure Network Watcher VM Extension could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38092 CVSS:8.8
Microsoft Azure CycleCloud could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38086 CVSS:6.4
Microsoft Azure Kinect SDK could allow a physical attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38095 CVSS:7.5
Microsoft .NET and Visual Studio are vulnerable to a denial of service. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-38089 CVSS:9.1
Microsoft Defender for IoT could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-35267 CVSS:7.6
Microsoft Windows Active Directory Federation Server could allow a remote authenticated attacker to conduct spoofing attacks.
CVE-2024-38023 CVSS:7.2
Microsoft SharePoint Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38094 CVSS:7.2
Microsoft SharePoint could allow a remote attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38081 CVSS:7.3
Microsoft .NET could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-30105 CVSS:7.5
Microsoft .NET is vulnerable to a denial of service. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-32987 CVSS:7.5
Microsoft SharePoint Server could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-35266 CVSS:7.6
Microsoft Azure DevOps Server could allow a remote authenticated attacker to conduct spoofing attacks.
CVE-2024-38021 CVSS:8.8
Microsoft Office could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-34122 CVSS:7.3
Microsoft Edge (Chromium-based) could allow a remote attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-30061
- CVE-2024-38020
- CVE-2024-35261
- CVE-2024-38092
- CVE-2024-38086
- CVE-2024-38095
- CVE-2024-38089
- CVE-2024-35267
- CVE-2024-38023
- CVE-2024-38094
- CVE-2024-38081
- CVE-2024-30105
- CVE-2024-32987
- CVE-2024-35266
- CVE-2024-38021
- CVE-2024-34122
Affected Vendors
Microsoft
Affected Products
- Microsoft SharePoint Enterprise Server 2016
- Microsoft Defender for IoT
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Edge (Chromium-based)
- Microsoft Azure Network Watcher VM Extension
- Microsoft Azure DevOps Server 2020.1.2
- Microsoft .NET 8.0
- Microsoft Dynamics 365 (on-premises) version 9.1
- Microsoft 365 Apps for Enterprise for 32-bit Systems
- Microsoft 365 Apps for Enterprise for 64-bit Systems
- Microsoft Azure CycleCloud 8.6.0
- Microsoft Visual Studio
- Microsoft Office 2016 (32-bit edition)
- Microsoft Office 2016 (64-bit edition)
- Microsoft Office 2019 for 32-bit editions
- Microsoft Office 2019 for 64-bit editions
- Microsoft Office LTSC 2021 for 32-bit editions
- Microsoft Office LTSC 2021 for 64-bit editions
- Microsoft Outlook 2016 (32-bit edition)
- Microsoft Outlook 2016 (64-bit edition)
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
