Report Name: Microsoft Patch Tuesday, September 2024
Generated: 2024-09-11 01:21:35

Product Name	Prevalence	U	C	H	M	L	A	Comment
Windows TCP/IP	0.9			2			2	Windows component
Windows Win32k	0.9				1		1	The Win32k.sys driver is the kernel side of some core parts of the Windows subsystem. Its main functionality is the GUI of Windows; it's responsible for window management.
Chromium	0.8		2	4	14		20	Chromium is a free and open-source web browser project, mainly developed and maintained by Google
Microsoft Edge	0.8			3	2		5	Web browser
Microsoft PowerShell	0.8				1		1	PowerShell or Microsoft PowerShell (formerly Windows PowerShell) is a task automation and configuration management program from Microsoft, consisting of a command-line shell and the associated scripting language
Microsoft Windows Admin Center	0.8				1		1	Windows component
Windows Authentication	0.8				1		1	Windows component
Windows Graphics Component	0.8				3		3	Windows component
Windows Installer	0.8		1				1	Windows component
Windows Kerberos	0.8				1		1	Windows component
Windows Kernel-Mode Driver	0.8				1		1	Windows component
Windows MSHTML Platform	0.8				1		1	Windows component
Windows Mark of the Web	0.8		1	1			2	Windows component
Windows Network Address Translation (NAT)	0.8			1			1	Windows component
Windows Networking	0.8				4		4	Windows component
Windows Remote Access Connection Manager	0.8				1		1	Windows component
Windows Remote Desktop Licensing Service	0.8			3	4		7	Windows component
Windows Security Zone Mapping	0.8				1		1	Windows component
Windows Setup and Deployment	0.8				1		1	Windows component
Windows Standards-Based Storage Management Service	0.8				1		1	Windows component
Windows Storage	0.8			1			1	Windows component
Windows Update	0.8		1				1	Windows Update is a service that automates downloading and installing Windows software updates over the Internet
Windows Win32 Kernel Subsystem	0.8				2		2	Windows component
Windows libarchive	0.8				1		1	Windows component
Microsoft Entra ID	0.6				1		1	Microsoft Entra ID is a cloud-based identity and access management solution
Microsoft Excel	0.6				1		1	MS Office product
Microsoft Office Visio	0.6				1		1	Microsoft Visio
Windows Hyper-V	0.6				1		1	Hardware virtualization component of the client editions of Windows NT
Adobe Systems Incorporated: CVE-2024-41879 Adobe PDF Viewer	0.5				1		1	Adobe Systems Incorporated: CVE-2024-41879 Adobe PDF Viewer
Azure CycleCloud	0.5				1		1	Azure CycleCloud
Azure Network Watcher VM Agent	0.5				2		2	Azure Network Watcher VM Agent
Azure Stack Hub	0.5				2		2	Azure Stack Hub
DHCP Server Service	0.5				1		1	DHCP Server Service
Kernel Streaming Service Driver	0.5				6		6	Kernel Streaming Service Driver
Kernel Streaming WOW Thunk Service Driver	0.5				1		1	Kernel Streaming WOW Thunk Service Driver
Microsoft AllJoyn API	0.5				1		1	Microsoft AllJoyn API
Microsoft AutoUpdate (MAU)	0.5				1		1	Microsoft AutoUpdate (MAU)
Microsoft Dynamics 365 (on-premises)	0.5				1		1	Microsoft Dynamics 365 (on-premises)
Microsoft Dynamics 365 Business Central	0.5				1		1	Microsoft Dynamics 365 Business Central
Microsoft Management Console	0.5				1		1	Microsoft Management Console
Microsoft Outlook for iOS	0.5				1		1	Microsoft Outlook for iOS
Microsoft Power Automate Desktop	0.5				1		1	Microsoft Power Automate Desktop
Microsoft Publisher	0.5		1				1	Microsoft Publisher
Microsoft SQL Server	0.5				4		4	Microsoft SQL Server
Microsoft SQL Server Native Scoring	0.5				9		9	Microsoft SQL Server Native Scoring
Microsoft SharePoint Server	0.5				5		5	Microsoft SharePoint Server
Azure	0.4			1	1		2	Azure

Vulnerability Type	Criticality	U	C	H	M	L	A
Remote Code Execution	1.0		1	8	17		26
Authentication Bypass	0.98			1	1		2
Security Feature Bypass	0.9		3	5	3		11
Elevation of Privilege	0.85		1	2	27		30
Information Disclosure	0.83				11		11
Cross Site Scripting	0.8				1		1
Denial of Service	0.7				8		8
Memory Corruption	0.5		1		8		9
Spoofing	0.4				9		9

Source	U	C	H	M	L	A
MS PT Extended		2	8	18		28
Qualys		4	2	20		26
Tenable		4	1	10		15
Rapid7		4	1	2		7
ZDI		4		1		5

Urgent (0)

Critical (6)

1. Remote Code Execution - Windows Update (CVE-2024-43491) - Critical [766]

Description: Microsoft Windows Update Remote Code Execution Vulnerability. Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support.

Qualys: CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability The stack vulnerability allows an attacker to perform remote code execution. Microsoft mentioned in the advisory that “Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. This vulnerability does not impact all later versions of Windows 10.” CISA acknowledged the active exploitation of CVE-2024-43491 by adding it to its Known Exploited Vulnerabilities Catalog and requesting users patch the flaw before October 1, 2024.

Tenable: Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)

Tenable: CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability

Tenable: CVE-2024-43491 is a RCE vulnerability in Microsoft Windows Update affecting Optional Components on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB). This was assigned a CVSSv3 score of 9.8, a maximum severity of critical and flagged by Microsoft as exploited in-the-wild.

Tenable: While this CVE has been labeled as exploited in-the-wild, confusingly Microsoft states that there is no evidence of direct exploitation of CVE-2024-43491,rather through observed rollbacks of CVEs related to Optional Components for Windows 10 (version 1507). Because some of these rolled back CVEs have been observed to have been exploited, this prompted Microsoft to apply the exploitability index assessment for this vulnerability as “Exploitation Detected.”

Rapid7: At first glance, the most concerning of today’s exploited-in-the-wild vulnerabilities is CVE-2024-43491, which describes a pre-auth RCE vulnerability caused by a regression in the Windows Servicing Stack that has rolled back fixes for a number of previous vulnerabilities affecting optional components.

Rapid7: The CVSSv3.1 base score is 9.8, which is typically not good news. However, things aren’t quite as bad as they seem: the key takeaway here is that only Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) is affected. Also, Microsoft notes that while at least some of the accidentally unpatched vulnerabilities were known to be exploited, they haven’t seen in-the-wild exploitation of CVE-2024-43491 itself, and the defect was discovered by Microsoft. All in all, while there are certainly more than a few organizations out there still running Windows 10 1507, most admins can breathe a sigh of relief on this one, and then go back to worrying about everything else.

Rapid7: The Servicing Stack regression described by CVE-2024-43491 was introduced in the March 2024 patches. Those nostalgic few still running Windows 10 1507 should note that patches are required for both Servicing Stack and the regular Windows OS patch released today, and must be applied in that order. Microsoft does not specify which vulnerabilities were accidentally unpatched back in March, although there is a significant list of affected optional components at the end of the FAQ, so potentially the set of vulnerabilities in play is quite long. Given time, an enthusiastic data miner could no doubt come up with a list of likely suspects.

ZDI: CVE-2024-43491 - Microsoft Windows Update Remote Code Execution Vulnerability. This is an unusual bug. At first, it reads like a downgrade attack similar to the one discussed at Black Hat. However, it appears that this downgrade was introduced through updates to the Servicing Stack affecting Optional Components on Windows 10 systems. Admins will need to install both the servicing stack update (KB5043936) AND this security update (KB5043083) to fully address the vulnerability. It’s also interesting to note that while this particular bug isn’t being exploited in the wild, it allowed some of those Optional Components to be exploited. The only good news here is that only a portion of Windows 10 systems are affected. Check the write-up from Microsoft to see if you’re impacted, then test and deploy these updates quickly.

2. Elevation of Privilege - Windows Installer (CVE-2024-38014) - Critical [716]

Description: Windows Installer Elevation of Privilege Vulnerability

Qualys: CVE-2024-38014: Windows Installer Elevation of Privilege Vulnerability Windows Installer is a Windows operating system component that allows users to install and uninstall software. It’s been a part of Windows since Windows 2000 and is the preferred installation format for many popular software applications. An attacker may gain SYSTEM privileges on successful exploitation of the vulnerability. CISA acknowledged the active exploitation of CVE-2024-38014 by adding it to its Known Exploited Vulnerabilities Catalog and requesting users patch the flaw before October 1, 2024.

Tenable: CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability

Tenable: CVE-2024-38014 is an EoP vulnerability affecting Windows Installer which was observed as being exploited as a zero-day. While Microsoft did not share any details on exploitation, the advisory does note that successful exploitation would grant the attacker SYSTEM level privileges. As with other EoP vulnerabilities, these vulnerabilities are often used as part of post-compromise activity in order to further compromise a network using elevated account privileges.

Rapid7: Next up in today’s foursome of exploited-in-the-wild vulnerabilities is CVE-2024-38014: an elevation of privilege vulnerability in Windows Installer. The middling CVSSv3.1 base score of 7.8 lines up with Microsoft’s severity assessment of Important rather than Critical. Exploitation grants code execution as SYSTEM, and although the attack vector is local, this might be at least slightly attractive to malware authors, since both attack complexity and privilege requirements are low, and no user interaction is required.

ZDI: CVE-2024-38014 - Windows Installer Elevation of Privilege Vulnerability. Here’s yet another privilege escalation bug that leads to SYSTEM being exploited in the wild. And not conjure Xzibit memes, but I think it’s great when attackers put an extra installer in the Installer. Interestingly, Microsoft states that no user interaction is required for this bug, so the actual mechanics of the exploit may be odd. Still, privilege escalations like this are typically paired with a code execution bug to take over a system. Test and deploy this fix quickly.

3. Security Feature Bypass - Windows Mark of the Web (CVE-2024-38217) - Critical [689]

Description: Windows Mark of the Web Security Feature Bypass Vulnerability

Qualys: CVE-2024-38217: Windows Mark of the Web Security Feature Bypass Vulnerability The Mark of the Web (MoTW) is a Windows security feature that identifies files downloaded from the internet as potentially unsafe. An attacker could host a malicious file on an attacker-controlled server to exploit the vulnerability. The attacker must convince a targeted user to download and open the malicious file. Successful exploitation of the vulnerability may allow the attacker to interfere with the Mark of the Web functionality. CISA acknowledged the active exploitation of CVE-2024-38217 by adding it to its Known Exploited Vulnerabilities Catalog and requesting users patch the flaw before October 1, 2024.

Tenable: CVE-2024-38217 | Windows Mark of the Web Security Feature Bypass Vulnerability

Tenable: CVE-2024-38217 is a security feature bypass vulnerability affecting Mark of the Web, an identifier used by Windows to mark files that have been downloaded from the internet. With a CVSSv3 score of 5.4, Microsoft notes that it was exploited in the wild and publicly disclosed prior to the patch becoming available. Successful exploitation of this vulnerability requires an attacker to convince a user into opening a specially crafted file that could evade Mark of the Web (MOTW) defenses.

Tenable: An additional Mark of the Web security feature bypass vulnerability, CVE-2024-43487, was also patched this month. With a severity rating of moderate and a CVSSv3 score of 6.5, this flaw was rated as “Exploitation Less Likely” according to the Microsoft Exploitability Index. As with CVE-2024-38217, successful exploitation would involve the attacker convincing a user to open a specially crafted file.

Rapid7: The Mark-of-the-Web (MotW) security feature bypass CVE-2024-38217 is not only known to be exploited, but is also publicly disclosed via an extensive write-up which names the technique "LNK stomping" and highlights that exploitation will typically involve explorer.exe overwriting an existing LNK file. The write-up also links to exploit code on GitHub. Beyond that, the discoverer points to VirusTotal samples going back as far as 2018 to make the case that this has been abused for a very long time indeed.

ZDI: CVE-2024-38217 - Windows Mark of the Web Security Feature Bypass Vulnerability. We’ve talked a lot about MoTW bypasses over the last several months, but it seems like there’s always more to say. This is one of two MoTW bypasses receiving fixes this month, but only this one is listed as under attack. Microsoft provides no details about the attacks, but in the past, MoTW bypasses have been associated with ransomware gangs targeting crypto traders. This bug is also listed as publicly known, but no information is provided about that detail either.

4. Security Feature Bypass - Chromium (CVE-2024-7965) - Critical [675]

Description: Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

MS PT Extended: CVE-2024-7965 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

5. Security Feature Bypass - Microsoft Publisher (CVE-2024-38226) - Critical [663]

Description: Microsoft Publisher Security Feature Bypass Vulnerability

Qualys: CVE-2024-38226: Microsoft Publisher Security Features Bypass Vulnerability Microsoft Publisher is a desktop publishing application that helps users create professional-looking publications. It’s part of the Microsoft 365 suite and useful for industries requiring high-quality publication design. An attacker who exploits this vulnerability could bypass Office macro policies blocking untrusted or malicious files. CISA acknowledged the active exploitation of CVE-2024-38226 by adding it to its Known Exploited Vulnerabilities Catalog and requesting users patch the flaw before October 1, 2024.

Tenable: CVE-2024-38226 | Microsoft Publisher Security Features Bypass Vulnerability

Tenable: CVE-2024-38226 is a security feature bypass vulnerability affecting Microsoft Publisher. This vulnerability was assigned a CVSSv3 score of 7.3 and has been exploited in the wild as a zero-day. In order to exploit this flaw, an attacker must be authenticated to a target system and convince a user to download a crafted file. This would allow a local attacker to bypass Office macro policies designed to block untrusted and potentially malicious files on the target’s system. According to the advisory, the Preview Pane is not an attack vector for this vulnerability.

Rapid7: It’s been a little while since we talked about Microsoft Publisher, so today’s publication of CVE-2024-38226 — a local security feature bypass for Office macro policy — gives us a chance to do that. The Preview Pane is not involved, and the description of exploit methodology in the FAQ is welcome, but somewhat unusual: an attacker must not only convince a user to download and open a malicious file, but the attacker must also be authenticated on the system itself, although the FAQ does not explain further.

ZDI: CVE-2024-38226 - Microsoft Publisher Security Features Bypass Vulnerability. I’m always amazed by the ingenuity of attackers, be they red teamers or threat actors. Who would have thought to exploit macros in Microsoft Publisher? I had forgotten all about that program. But here we are. The attack involves specially crafted files being opened by affected Publisher versions. Obviously, an attacker would need to convince a target to open the file, but if they do, it will bypass Office macro policies and execute code on the target system.

6. Memory Corruption - Chromium (CVE-2024-7971) - Critical [603]

Description: Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

MS PT Extended: CVE-2024-7971 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

High (16)

7. Authentication Bypass - Azure (CVE-2024-38175) - High [505]

Description: An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network.

MS PT Extended: CVE-2024-38175 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

8. Security Feature Bypass - Windows Mark of the Web (CVE-2024-43487) - High [498]

Description: Windows Mark of the Web Security Feature Bypass Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

Tenable: An additional Mark of the Web security feature bypass vulnerability, CVE-2024-43487, was also patched this month. With a severity rating of moderate and a CVSSv3 score of 6.5, this flaw was rated as “Exploitation Less Likely” according to the Microsoft Exploitability Index. As with CVE-2024-38217, successful exploitation would involve the attacker convincing a user to open a specially crafted file.

9. Elevation of Privilege - Windows Storage (CVE-2024-38248) - High [449]

Description: Windows Storage Elevation of Privilege Vulnerability

10. Security Feature Bypass - Chromium (CVE-2024-7974) - High [436]

Description: Chromium: CVE-2024-7974 Insufficient data validation in V8 API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7974 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

11. Remote Code Execution - Microsoft Edge (CVE-2024-38209) - High [430]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-38209 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

12. Remote Code Execution - Microsoft Edge (CVE-2024-38210) - High [430]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-38210 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

13. Remote Code Execution - Windows TCP/IP (CVE-2024-21416) - High [423]

Description: Windows TCP/IP Remote Code Execution Vulnerability

14. Remote Code Execution - Windows TCP/IP (CVE-2024-38045) - High [423]

Description: Windows TCP/IP Remote Code Execution Vulnerability

15. Remote Code Execution - Windows Remote Desktop Licensing Service (CVE-2024-38260) - High [419]

Description: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

16. Elevation of Privilege - Microsoft Edge (CVE-2024-43472) - High [416]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

MS PT Extended: CVE-2024-43472 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

17. Security Feature Bypass - Chromium (CVE-2024-7977) - High [413]

Description: Chromium: CVE-2024-7977 Insufficient data validation in Installer. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7977 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

18. Remote Code Execution - Windows Network Address Translation (NAT) (CVE-2024-38119) - High [407]

Description: Windows Network Address Translation (NAT) Remote Code Execution Vulnerability

Qualys: CVE-2024-38119: Windows Network Address Translation (NAT) Remote Code Execution Vulnerability Network Address Translation (NAT) allows multiple devices to share a public IP address. It’s commonly implemented in routers, firewalls, and residential gateways. An attacker must win a race condition to exploit the vulnerability. An attacker must access the restricted network to exploit the vulnerability successfully.

Rapid7: Rounding out this month’s critical RCE vulnerabilities is CVE-2024-38119, which describes a use after free flaw in the Windows NAT implementation. Attack vector is listed as adjacent, so an attacker would need an existing foothold on the same network as the target asset before winning a race condition, which bumps up the attack complexity to high. Even though this looks to be pre-auth RCE, Microsoft lists exploitation as less likely. For reasons unknown, Server 2012/2012 R2 does not receive a patch, although all newer supported versions of Windows do.

19. Remote Code Execution - Windows Remote Desktop Licensing Service (CVE-2024-38263) - High [407]

Description: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

20. Remote Code Execution - Windows Remote Desktop Licensing Service (CVE-2024-43467) - High [407]

Description: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

21. Security Feature Bypass - Chromium (CVE-2024-7979) - High [401]

Description: Chromium: CVE-2024-7979 Insufficient data validation in Installer. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7979 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

22. Security Feature Bypass - Chromium (CVE-2024-7980) - High [401]

Description: Chromium: CVE-2024-7980 Insufficient data validation in Installer. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7980 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

Medium (85)

23. Remote Code Execution - Windows Remote Desktop Licensing Service (CVE-2024-43454) - Medium [395]

Description: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

24. Remote Code Execution - Windows libarchive (CVE-2024-43495) - Medium [395]

Description: Windows libarchive Remote Code Execution Vulnerability

25. Authentication Bypass - Microsoft Entra ID (CVE-2024-43477) - Medium [394]

Description: {'ms_cve_data_all': 'Microsoft Entra ID Elevation of Privilege Vulnerability. Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant.\n', 'nvd_cve_data_all': 'Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant.', 'epss_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant.', 'custom_cve_data_all': '', 'combined_cve_data_all': ''}

MS PT Extended: CVE-2024-43477 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

26. Security Feature Bypass - Windows Security Zone Mapping (CVE-2024-30073) - Medium [389]

Description: Windows Security Zone Mapping Security Feature Bypass Vulnerability

27. Elevation of Privilege - Windows Win32k (CVE-2024-38246) - Medium [385]

Description: Win32k Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

28. Elevation of Privilege - Microsoft PowerShell (CVE-2024-38046) - Medium [380]

Description: PowerShell Elevation of Privilege Vulnerability

29. Elevation of Privilege - Windows Graphics Component (CVE-2024-38247) - Medium [380]

Description: Windows Graphics Component Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

30. Elevation of Privilege - Windows Graphics Component (CVE-2024-38249) - Medium [380]

Description: Windows Graphics Component Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

31. Elevation of Privilege - Windows Graphics Component (CVE-2024-38250) - Medium [380]

Description: Windows Graphics Component Elevation of Privilege Vulnerability

32. Elevation of Privilege - Windows Remote Access Connection Manager (CVE-2024-38240) - Medium [380]

Description: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

33. Elevation of Privilege - Windows Setup and Deployment (CVE-2024-43457) - Medium [380]

Description: Windows Setup and Deployment Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

34. Elevation of Privilege - Windows Win32 Kernel Subsystem (CVE-2024-38252) - Medium [380]

Description: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

35. Elevation of Privilege - Windows Win32 Kernel Subsystem (CVE-2024-38253) - Medium [380]

Description: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

36. Remote Code Execution - Adobe Systems Incorporated: CVE-2024-41879 Adobe PDF Viewer (CVE-2024-41879) - Medium [380]

Description: Adobe Systems Incorporated: CVE-2024-41879 Adobe PDF Viewer Remote Code Execution Vulnerability

MS PT Extended: CVE-2024-41879 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

37. Information Disclosure - Windows Networking (CVE-2024-43458) - Medium [376]

Description: Windows Networking Information Disclosure Vulnerability

38. Remote Code Execution - Microsoft Office Visio (CVE-2024-43463) - Medium [373]

Description: Microsoft Office Visio Remote Code Execution Vulnerability

39. Remote Code Execution - Azure CycleCloud (CVE-2024-43469) - Medium [369]

Description: Azure CycleCloud Remote Code Execution Vulnerability

40. Remote Code Execution - Microsoft Management Console (CVE-2024-38259) - Medium [369]

Description: Microsoft Management Console Remote Code Execution Vulnerability

41. Remote Code Execution - Microsoft SQL Server Native Scoring (CVE-2024-26186) - Medium [369]

Description: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 are a series of RCE vulnerabilities affecting Microsoft SQL Server Native Scoring. All six of these vulnerabilities are rated as important, were assigned a CVSSv3 score of 8.8, an exploitability index assessment of “Exploitation Less Likely” and were attributed to Andrew Ruddick with Microsoft Security Response Center.

42. Remote Code Execution - Microsoft SQL Server Native Scoring (CVE-2024-26191) - Medium [369]

Description: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 are a series of RCE vulnerabilities affecting Microsoft SQL Server Native Scoring. All six of these vulnerabilities are rated as important, were assigned a CVSSv3 score of 8.8, an exploitability index assessment of “Exploitation Less Likely” and were attributed to Andrew Ruddick with Microsoft Security Response Center.

43. Remote Code Execution - Microsoft SQL Server Native Scoring (CVE-2024-37335) - Medium [369]

Description: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 are a series of RCE vulnerabilities affecting Microsoft SQL Server Native Scoring. All six of these vulnerabilities are rated as important, were assigned a CVSSv3 score of 8.8, an exploitability index assessment of “Exploitation Less Likely” and were attributed to Andrew Ruddick with Microsoft Security Response Center.

44. Remote Code Execution - Microsoft SQL Server Native Scoring (CVE-2024-37338) - Medium [369]

Description: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 are a series of RCE vulnerabilities affecting Microsoft SQL Server Native Scoring. All six of these vulnerabilities are rated as important, were assigned a CVSSv3 score of 8.8, an exploitability index assessment of “Exploitation Less Likely” and were attributed to Andrew Ruddick with Microsoft Security Response Center.

45. Remote Code Execution - Microsoft SQL Server Native Scoring (CVE-2024-37339) - Medium [369]

Description: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 are a series of RCE vulnerabilities affecting Microsoft SQL Server Native Scoring. All six of these vulnerabilities are rated as important, were assigned a CVSSv3 score of 8.8, an exploitability index assessment of “Exploitation Less Likely” and were attributed to Andrew Ruddick with Microsoft Security Response Center.

46. Remote Code Execution - Microsoft SQL Server Native Scoring (CVE-2024-37340) - Medium [369]

Description: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Tenable: CVE-2024-26186, CVE-2024-26191, CVE-2024-37335, CVE-2024-37338, CVE-2024-37339 and CVE-2024-37340 are a series of RCE vulnerabilities affecting Microsoft SQL Server Native Scoring. All six of these vulnerabilities are rated as important, were assigned a CVSSv3 score of 8.8, an exploitability index assessment of “Exploitation Less Likely” and were attributed to Andrew Ruddick with Microsoft Security Response Center.

47. Remote Code Execution - Microsoft SharePoint Server (CVE-2024-38018) - Medium [369]

Description: Microsoft SharePoint Server Remote Code Execution Vulnerability

Qualys: CVE-2024-38018: Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft SharePoint is a web-based document management and collaboration platform that helps share files, data, news, and resources. The application transforms business processes by providing simple sharing and seamless collaboration. In a network-based attack, an authenticated attacker with minimum Site Member permissions could execute code remotely on the SharePoint Server.

Tenable: CVE-2024-38018 | Microsoft SharePoint Server Remote Code Execution Vulnerability

Tenable: CVE-2024-38018 is a critical severity RCE affecting Microsoft SharePoint Server with a CVSSv3 score of 8.8 and an exploitability index assessment of “Exploitation More Likely.” While Microsoft has provided no information on exploitability, a threat actor would generally need to be authenticated and have sufficient permissions for page creation to take advantage of this RCE in Microsoft SharePoint Server.

Rapid7: Network-vector exploitation of SharePoint RCE CVE-2024-38018 requires that an attacker have Site Member permissions already, but since those aren’t exactly the crown jewels, attack complexity is low, and no user interaction is required, Microsoft very reasonably rates this as Critical on its own proprietary severity scale, and expects that exploitation is more likely.

48. Elevation of Privilege - Windows Kerberos (CVE-2024-38239) - Medium [368]

Description: Windows Kerberos Elevation of Privilege Vulnerability

49. Memory Corruption - Chromium (CVE-2024-7964) - Medium [365]

Description: Chromium: CVE-2024-7964 Use after free in Passwords. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7964 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

50. Memory Corruption - Chromium (CVE-2024-7966) - Medium [365]

Description: Chromium: CVE-2024-7966 Out of bounds memory access in Skia. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7966 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

51. Memory Corruption - Chromium (CVE-2024-7967) - Medium [365]

Description: Chromium: CVE-2024-7967 Heap buffer overflow in Fonts. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7967 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

52. Memory Corruption - Chromium (CVE-2024-7968) - Medium [365]

Description: Chromium: CVE-2024-7968 Use after free in Autofill. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7968 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

53. Memory Corruption - Chromium (CVE-2024-7969) - Medium [365]

Description: Chromium: CVE-2024-7969 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7969 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

54. Memory Corruption - Chromium (CVE-2024-7973) - Medium [365]

Description: Chromium: CVE-2024-7973 Heap buffer overflow in PDFium. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7973 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

55. Security Feature Bypass - Chromium (CVE-2024-7978) - Medium [365]

Description: Chromium: CVE-2024-7978 Insufficient policy enforcement in Data Transfer. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2024-7978 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

56. Information Disclosure - Microsoft Windows Admin Center (CVE-2024-43475) - Medium [364]

Description: Microsoft Windows Admin Center Information Disclosure Vulnerability

57. Information Disclosure - Windows Remote Desktop Licensing Service (CVE-2024-38258) - Medium [364]

Description: Windows Remote Desktop Licensing Service Information Disclosure Vulnerability

58. Remote Code Execution - Microsoft Power Automate Desktop (CVE-2024-43479) - Medium [357]

Description: Microsoft Power Automate Desktop Remote Code Execution Vulnerability

59. Denial of Service - Windows Networking (CVE-2024-38232) - Medium [353]

Description: Windows Networking Denial of Service Vulnerability

60. Denial of Service - Windows Networking (CVE-2024-38233) - Medium [353]

Description: Windows Networking Denial of Service Vulnerability

61. Memory Corruption - Chromium (CVE-2024-7972) - Medium [353]

Description: Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

MS PT Extended: CVE-2024-7972 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

62. Information Disclosure - Windows Authentication (CVE-2024-38254) - Medium [352]

Description: Windows Authentication Information Disclosure Vulnerability

63. Information Disclosure - Windows Kernel-Mode Driver (CVE-2024-38256) - Medium [352]

Description: Windows Kernel-Mode Driver Information Disclosure Vulnerability

64. Elevation of Privilege - Microsoft Excel (CVE-2024-43465) - Medium [347]

Description: Microsoft Excel Elevation of Privilege Vulnerability

65. Remote Code Execution - Microsoft SharePoint Server (CVE-2024-38227) - Medium [345]

Description: Microsoft SharePoint Server Remote Code Execution Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

66. Remote Code Execution - Microsoft SharePoint Server (CVE-2024-38228) - Medium [345]

Description: Microsoft SharePoint Server Remote Code Execution Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

67. Remote Code Execution - Microsoft SharePoint Server (CVE-2024-43464) - Medium [345]

Description: Microsoft SharePoint Server Remote Code Execution Vulnerability

Qualys: CVE-2024-43464: Microsoft SharePoint Server Remote Code Execution Vulnerability An attacker may upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger the deserialization of the file’s parameters. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server.

Rapid7: The second SharePoint critical RCE patched this month is CVE-2024-43464, which describes a deserialization of untrusted data leading to code execution in the context of the SharePoint Server via specially-crafted API calls after uploading a malicious file; one mitigating factor is that the attacker must already have Site Owner permissions or better. This all sounds very similar to CVE-2024-30044, which Rapid7 wrote about back in May 2024.

68. Elevation of Privilege - Azure Stack Hub (CVE-2024-38220) - Medium [342]

Description: Azure Stack Hub Elevation of Privilege Vulnerability

Qualys: CVE-2024-38216 & CVE-2024-38220: Azure Stack Hub Elevation of Privilege Vulnerability  Azure Stack Hub is part of the Azure Stack portfolio. The software enables users to run apps in an on-premises environment and deliver Azure services in the user’s datacenter. Successful exploitation of the vulnerability may allow an attacker to gain unauthorized access to system resources. The vulnerability may also allow an attacker to perform actions with the same privileges as the compromised process.

69. Elevation of Privilege - Microsoft Dynamics 365 Business Central (CVE-2024-38225) - Medium [342]

Description: Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

70. Elevation of Privilege - Microsoft SQL Server (CVE-2024-37341) - Medium [342]

Description: Microsoft SQL Server Elevation of Privilege Vulnerability

71. Elevation of Privilege - Microsoft SQL Server (CVE-2024-37965) - Medium [342]

Description: Microsoft SQL Server Elevation of Privilege Vulnerability

72. Elevation of Privilege - Microsoft SQL Server (CVE-2024-37980) - Medium [342]

Description: Microsoft SQL Server Elevation of Privilege Vulnerability

73. Denial of Service - Windows Networking (CVE-2024-38234) - Medium [341]

Description: Windows Networking Denial of Service Vulnerability

74. Denial of Service - Windows Remote Desktop Licensing Service (CVE-2024-38231) - Medium [341]

Description: Windows Remote Desktop Licensing Service Denial of Service Vulnerability

75. Denial of Service - Windows Standards-Based Storage Management Service (CVE-2024-38230) - Medium [341]

Description: Windows Standards-Based Storage Management Service Denial of Service Vulnerability

76. Elevation of Privilege - Azure Stack Hub (CVE-2024-38216) - Medium [330]

Description: Azure Stack Hub Elevation of Privilege Vulnerability

Qualys: CVE-2024-38216 & CVE-2024-38220: Azure Stack Hub Elevation of Privilege Vulnerability  Azure Stack Hub is part of the Azure Stack portfolio. The software enables users to run apps in an on-premises environment and deliver Azure services in the user’s datacenter. Successful exploitation of the vulnerability may allow an attacker to gain unauthorized access to system resources. The vulnerability may also allow an attacker to perform actions with the same privileges as the compromised process.

77. Elevation of Privilege - Kernel Streaming Service Driver (CVE-2024-38238) - Medium [330]

Description: Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

78. Elevation of Privilege - Kernel Streaming Service Driver (CVE-2024-38241) - Medium [330]

Description: Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

79. Elevation of Privilege - Kernel Streaming Service Driver (CVE-2024-38242) - Medium [330]

Description: Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

80. Elevation of Privilege - Kernel Streaming Service Driver (CVE-2024-38243) - Medium [330]

Description: Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

81. Elevation of Privilege - Kernel Streaming Service Driver (CVE-2024-38244) - Medium [330]

Description: Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

82. Elevation of Privilege - Kernel Streaming Service Driver (CVE-2024-38245) - Medium [330]

Description: Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

83. Elevation of Privilege - Kernel Streaming WOW Thunk Service Driver (CVE-2024-38237) - Medium [330]

Description: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Qualys: Other Microsoft Vulnerability Highlights CVE-2024-38227 & CVE-2024-38228 are remote code execution vulnerabilities in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions may exploit the vulnerability to execute arbitrary code in the context of SharePoint Server. CVE-2024-38237 is an elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38238, CVE-2024-38241, CVE-2024-38242, CVE-2024-38243, CVE-2024-38244, & CVE-2024-38245 are elevation of privilege vulnerabilities in Kernel Streaming Service Driver. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38246 is an elevation of privilege vulnerability in Win32k. An attacker must win a race condition to exploit the vulnerability. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38247 is an elevation of privilege vulnerability in the Windows Graphics Component. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-38249 is an elevation of privilege vulnerability in the Windows Graphics Component. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-38252 & CVE-2024-38253 are elevation of privilege vulnerabilities in the Windows Win32 Kernel Subsystem. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. CVE-2024-43457 is an elevation of privilege vulnerability in the Windows Setup and Deployment. On successful exploitation, an attacker may gain SYSTEM privileges. CVE-2024-43487 is a security feature bypass vulnerability in Windows Mark of the Web. Successful exploitation of the vulnerability may allow an attacker to bypass the SmartScreen user experience. An attacker must send the user a malicious file and convince them to open it to exploit the vulnerability.

84. Elevation of Privilege - Microsoft AutoUpdate (MAU) (CVE-2024-43492) - Medium [330]

Description: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

85. Memory Corruption - Microsoft Edge (CVE-2024-38207) - Medium [329]

Description: Microsoft Edge (HTML-based) Memory Corruption Vulnerability

MS PT Extended: CVE-2024-38207 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

86. Information Disclosure - Microsoft AllJoyn API (CVE-2024-38257) - Medium [326]

Description: Microsoft AllJoyn API Information Disclosure Vulnerability

87. Information Disclosure - Microsoft SQL Server (CVE-2024-43474) - Medium [326]

Description: Microsoft SQL Server Information Disclosure Vulnerability

88. Security Feature Bypass - Azure (CVE-2024-38194) - Medium [322]

Description: An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.

Qualys: CVE-2024-38194: Azure Web Apps Elevation of Privilege Vulnerability Azure Web Apps allow users to host web applications in various programming languages such as .NET, Java, and Node. js, Python, and PHP. It provides automatic scaling, load balancing, and high availability to ensure your application is always up and running. An authenticated attacker may exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.

89. Cross Site Scripting - Microsoft Dynamics 365 (on-premises) (CVE-2024-43476) - Medium [321]

Description: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

90. Elevation of Privilege - Azure Network Watcher VM Agent (CVE-2024-38188) - Medium [318]

Description: Azure Network Watcher VM Agent Elevation of Privilege Vulnerability

91. Elevation of Privilege - Azure Network Watcher VM Agent (CVE-2024-43470) - Medium [318]

Description: Azure Network Watcher VM Agent Elevation of Privilege Vulnerability

92. Information Disclosure - Microsoft Outlook for iOS (CVE-2024-43482) - Medium [314]

Description: Microsoft Outlook for iOS Information Disclosure Vulnerability

93. Information Disclosure - Microsoft SQL Server Native Scoring (CVE-2024-37337) - Medium [314]

Description: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

Tenable: CVE-2024-37337, CVE-2024-37342 and CVE-2024-37966 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

Tenable: CVE-2024-37337, CVE-2024-37342 and CVE-2024-37966 are information disclosure vulnerabilities affecting Microsoft SQL Server Native Scoring. All three of these vulnerabilities are rated as important, and were assigned a CVSSv3 score of 7.1 and exploitability index assessment of “Exploitation Less Likely.” These CVEs are also attributed to Andrew Ruddick with Microsoft Security Response Center, bringing the Microsoft SQL Server Native Scoring CVE count to seven in September’s Patch Tuesday release, accounting for over 10% of the CVEs this month. Successful exploitation of this vulnerability by a threat actor with authenticated access to Microsoft SQL Server Native Scoring could potentially allow the reading of small portions of heap memory. The disclosed memory could contain sensitive data, including user credentials, session tokens, or application-level information, which may lead to further security risks.

94. Information Disclosure - Microsoft SQL Server Native Scoring (CVE-2024-37342) - Medium [314]

Description: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

Tenable: CVE-2024-37337, CVE-2024-37342 and CVE-2024-37966 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

Tenable: CVE-2024-37337, CVE-2024-37342 and CVE-2024-37966 are information disclosure vulnerabilities affecting Microsoft SQL Server Native Scoring. All three of these vulnerabilities are rated as important, and were assigned a CVSSv3 score of 7.1 and exploitability index assessment of “Exploitation Less Likely.” These CVEs are also attributed to Andrew Ruddick with Microsoft Security Response Center, bringing the Microsoft SQL Server Native Scoring CVE count to seven in September’s Patch Tuesday release, accounting for over 10% of the CVEs this month. Successful exploitation of this vulnerability by a threat actor with authenticated access to Microsoft SQL Server Native Scoring could potentially allow the reading of small portions of heap memory. The disclosed memory could contain sensitive data, including user credentials, session tokens, or application-level information, which may lead to further security risks.

95. Information Disclosure - Microsoft SQL Server Native Scoring (CVE-2024-37966) - Medium [314]

Description: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

Tenable: CVE-2024-37337, CVE-2024-37342 and CVE-2024-37966 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

Tenable: CVE-2024-37337, CVE-2024-37342 and CVE-2024-37966 are information disclosure vulnerabilities affecting Microsoft SQL Server Native Scoring. All three of these vulnerabilities are rated as important, and were assigned a CVSSv3 score of 7.1 and exploitability index assessment of “Exploitation Less Likely.” These CVEs are also attributed to Andrew Ruddick with Microsoft Security Response Center, bringing the Microsoft SQL Server Native Scoring CVE count to seven in September’s Patch Tuesday release, accounting for over 10% of the CVEs this month. Successful exploitation of this vulnerability by a threat actor with authenticated access to Microsoft SQL Server Native Scoring could potentially allow the reading of small portions of heap memory. The disclosed memory could contain sensitive data, including user credentials, session tokens, or application-level information, which may lead to further security risks.

96. Spoofing - Microsoft Edge (CVE-2024-38208) - Medium [311]

Description: Microsoft Edge for Android Spoofing Vulnerability

MS PT Extended: CVE-2024-38208 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

97. Spoofing - Windows MSHTML Platform (CVE-2024-43461) - Medium [311]

Description: Windows MSHTML Platform Spoofing Vulnerability

ZDI: CVE-2024-43461 - Windows MSHTML Platform Spoofing Vulnerability. This bug is similar to the vulnerability we reported and was patched back in July. The ZDI Threat Hunting team discovered this exploit in the wild and reported it to Microsoft back in June. It appears threat actors quickly bypassed the previous patch. When we told Microsoft about the bug, we indicated it was being actively used. We’re not sure why they don’t list it as being under active attack, but you should treat it as though it were, especially since it affects all supported versions of Windows.

98. Spoofing - Windows Remote Desktop Licensing Service (CVE-2024-43455) - Medium [311]

Description: Windows Remote Desktop Licensing Service Spoofing Vulnerability

99. Denial of Service - Windows Hyper-V (CVE-2024-38235) - Medium [308]

Description: Windows Hyper-V Denial of Service Vulnerability

100. Denial of Service - DHCP Server Service (CVE-2024-38236) - Medium [303]

Description: DHCP Server Service Denial of Service Vulnerability

101. Denial of Service - Microsoft SharePoint Server (CVE-2024-43466) - Medium [291]

Description: Microsoft SharePoint Server Denial of Service Vulnerability

102. Spoofing - Chromium (CVE-2024-7975) - Medium [276]

Description: Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

MS PT Extended: CVE-2024-7975 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

103. Spoofing - Chromium (CVE-2024-7976) - Medium [276]

Description: Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

MS PT Extended: CVE-2024-7976 was published before September 2024 Patch Tuesday from 2024-08-14 to 2024-09-09

104. Spoofing - Chromium (CVE-2024-7981) - Medium [276]

Description: Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)