July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
ICS: Multiple Siemens Products Vulnerabilities
August 16, 2024AWS Misconfiguration Exposes Data Across 110,000 Domains – Active IOCs
August 17, 2024ICS: Multiple Siemens Products Vulnerabilities
August 16, 2024AWS Misconfiguration Exposes Data Across 110,000 Domains – Active IOCs
August 17, 2024
Severity
High
Analysis Summary
CVE-2024-38109 CVSS:9.1
Microsoft Azure Health Bot could allow a remote attacker to gain elevated privileges on the system, caused by a server-side request forgery vulnerability. An attacker could exploit this vulnerability to elevate privileges over a network.
CVE-2024-38169 CVSS:7.8
Microsoft Office Visio could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38171 CVSS:7.8
Microsoft PowerPoint could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38163 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Update Stack component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38146 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in Layer-2 Bridge Network component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-38158 CVSS:7
Microsoft Azure IoT SDK could allow a local authenticated attacker to execute arbitrary code on the system. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38141 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, cause by a flaw in the Ancillary Function Driver for WinSock component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38155 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Security Center Broker component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-38168 CVSS:7.5
Microsoft .NET and Visual Studio are vulnerable to a denial of service. By persuading a victim to open a specially crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-38172 CVSS:7.8
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38162 CVSS:7.8
Microsoft Azure Connected Machine Agent could allow a local attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38173 CVSS:6.7
Microsoft Outlook could allow a local authenticated attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38063 CVSS:9.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the TCP/IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38161 CVSS:6.8
Microsoft Windows could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the Mobile Broadband Driver component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-38118 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Local Security Authority (LSA) Server component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-38135 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in NT OS Kernel component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38184 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Kernel-Mode Driver component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-38177 CVSS:7.8
Microsoft Windows App Installer could allow a remote attacker to conduct spoofing attacks.
CVE-2024-38222 CVSS:6.5
Microsoft Edge (Chromium-based) could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2024-38211 CVSS:8.2
Microsoft Dynamics 365 (on-premises) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Privilege Escalation
- Cross-Site Scripting
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-38109
- CVE-2024-38169
- CVE-2024-38171
- CVE-2024-38163
- CVE-2024-38146
- CVE-2024-38158
- CVE-2024-38141
- CVE-2024-38155
- CVE-2024-38168
- CVE-2024-38172
- CVE-2024-38162
- CVE-2024-38173
- CVE-2024-38063
- CVE-2024-38161
- CVE-2024-38118
- CVE-2024-38135
- CVE-2024-38184
- CVE-2024-38177
- CVE-2024-38222
- CVE-2024-38211
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Edge (Chromium-based)
- Microsoft Dynamics 365 (on-premises) 9.1
- Microsoft .NET 8.0
- Microsoft Windows 11 version 21H2 for ARM64-based Systems
- Microsoft Windows 11 version 21H2 for x64-based Systems
- Microsoft 365 Apps for Enterprise for 32-bit Systems
- Microsoft Visual Studio 2022 version 17.6
- Microsoft Windows 10 Version 1507 - 10.0.0
- Microsoft Windows 10 Version 1607 - 10.0.0
- Microsoft Windows 10 Version 1607 for 32-bit Systems - 1607
- Microsoft Windows 10 Version 1607 for x64-based Systems - 1607
- Microsoft Windows 10 Version 1809 - 10.0.0
- Microsoft Windows 10 Version 1809 for 32-bit Systems - 1809
- Microsoft Windows 10 Version 1809 for ARM64-based Systems - 1809
- Microsoft Windows 10 Version 1809 for x64-based Systems - 1809
- Microsoft 365 Apps for Enterprise - 16.0.1
- Microsoft Office 2019 - 19.0.0
- Microsoft Azure Health Bot
- Microsoft Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Microsoft Office 2019 - 19.0.0
- Microsoft Windows 10 Version 21H2 - 10.0.0
- Microsoft Windows 10 Version 21H2 for 32-bit Systems - 21H2
- Microsoft Windows 10 Version 21H2 for 32-bit Systems - 21H2 Microsoft Windows 10 Version 21H2 for ARM64-based Systems - 21H2
- Microsoft Windows 10 Version 21H2 for x64-based Systems - 21H2
- Microsoft Windows 10 Version 22H2 - 10.0.0
- Microsoft Windows 11 version 21H2 - 10.0.0
- Microsoft Windows 10 Version 22H2 for 32-bit Systems - 22H2
- Microsoft Windows 10 Version 22H2 for x64-based Systems - 22H2
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems - 23H2
- Microsoft Windows 11 Version 23H2 for x64-based Systems - 23H2
- Microsoft azure-uamqp-c
- Microsoft C SDK for Azure IoT - 0
- Microsoft .NET 8.0 - 1.0.0
- Microsoft Visual Studio 2022 version 17.10
- Microsoft Visual Studio 2022 version 17.10 - 17.10
- Microsoft Visual Studio 2022 version 17.6 - 17.6.0
- Microsoft Visual Studio 2022 version 17.8 - 17.8.0
- Microsoft Azure Connected Machine Agent - 1.0.0
- Microsoft App Installer - 1.0.0.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.