March 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Lighttpd Server Vulnerability Remains Unpatched in Lenovo and Intel BMCs
April 17, 2024Multiple Microsoft Windows Products Vulnerabilities
April 17, 2024Lighttpd Server Vulnerability Remains Unpatched in Lenovo and Intel BMCs
April 17, 2024Multiple Microsoft Windows Products Vulnerabilities
April 17, 2024
Severity
High
Analysis Summary
CVE-2024-28902 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a buffer over-read in the Remote Access Connection Manager component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information from heap memory and use this information to launch further attacks against the affected system.
CVE-2024-26233 CVSS:7.2
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in DNS Server. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26221 CVSS:7.2
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in DNS Server. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26212 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by uncontrolled resource consumption in the DHCP Server Service component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-28914 CVSS:8.8
Microsoft OLE DB Driver for SQL Server could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26222 CVSS:7.2
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in DNS Server. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-20665 CVSS:6.1
Microsoft Windows could allow a physical authenticated attacker to bypass security restrictions, cause by protection mechanism failure in the BitLocker component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-26243 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a buffer over-read in the USB Print Driver component. By winning a race condition, an attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2024-28920 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by protection mechanism failure in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-26244 CVSS:8.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in WDAC SQL Server ODBC Driver. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26213 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in Brokering File System. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2024-28922 CVSS:6.7
Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by protection mechanism failure in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-28898 CVSS:6.3
Microsoft Windows could allow a remote authenticated attacker within the local network to bypass security restrictions, cause by a stack-based buffer overflow in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-26168 CVSS:6.8
Microsoft Windows could allow a physical attacker to bypass security restrictions, cause by a heap-based buffer overflow in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-26175 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by an out-of-bounds read in the Secure Boot component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.
Impact
- Gain Access
- Information Disclosure
- Denial of Service
- Security Bypass
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-28902
- CVE-2024-26233
- CVE-2024-26221
- CVE-2024-26212
- CVE-2024-28914
- CVE-2024-26222
- CVE-2024-20665
- CVE-2024-26243
- CVE-2024-28920
- CVE-2024-26244
- CVE-2024-26213
- CVE-2024-28922
- CVE-2024-28898
- CVE-2024-26168
- CVE-2024-26175
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows Server 2022
- Microsoft Windows Server 2022 23H2
- Microsoft Windows 10 Version 1607 for 32-bit Systems 1607
- Microsoft Windows 10 Version 1607 for x64-based Systems 1607
- Microsoft Windows 10 Version 1809 for 32-bit Systems 1809
- Microsoft Windows 10 Version 1809 for ARM64-based Systems 1809
- Microsoft Windows 10 Version 1809 for x64-based Systems 1809
- Microsoft Windows 10 Version 21H2 for 32-bit Systems 21H2
- Microsoft Windows 10 Version 21H2 for ARM64-based Systems 21H2
- Microsoft Windows 10 Version 21H2 for x64-based Systems 21H2
- Microsoft Windows 10 Version 22H2 for 32-bit Systems 22H2
- Microsoft Windows 10 Version 22H2 for ARM64-based Systems 22H2
- Microsoft Windows 10 Version 22H2 for x64-based Systems 22H2
- Microsoft Windows 11 Version 22H2 for ARM64-based Systems 22H2
- Microsoft Windows 11 Version 22H2 for x64-based Systems 22H2
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems 23H2
- Microsoft Windows 11 version 21H2 for ARM64-based Systems 22H2
- Microsoft Windows 11 version 21H2 for x64-based Systems 22H2
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 23H2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 23H2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 23H2
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 23H2
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 23H2
- Microsoft Windows Server 2012 23H2
- Microsoft Windows Server 2012 (Server Core installation) 23H2
- Microsoft Windows Server 2012 R2 23H2
- Microsoft Windows Server 2012 R2 (Server Core installation) 23H2
- Microsoft Windows Server 2016 23H2
- Microsoft Windows Server 2016 (Server Core installation) 23H2
- Microsoft Windows Server 2019 23H2
- Microsoft Windows Server 2022 (Server Core installation) 23H2
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.