#Security Vulnerability

CVE-2024-20670: Outlook for Windows Spoofing Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of NTLM hashes.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Microsoft Office Outlook #Security Vulnerability

CVE-2024-29062: Secure Boot Security Feature Bypass Vulnerability

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #Windows Secure Boot #Security Vulnerability

CVE-2024-29053: Microsoft Defender for IoT Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Defender for IoT #Security Vulnerability

CVE-2024-29055: Microsoft Defender for IoT Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #Microsoft Defender for IoT #Security Vulnerability

CVE-2024-29052: Windows Storage Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain administrator privileges.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Windows Storage #Security Vulnerability

CVE-2024-29061: Secure Boot Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Secure Boot.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #Windows Secure Boot #Security Vulnerability

CVE-2024-26240: Secure Boot Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Secure Boot.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #Windows Secure Boot #Security Vulnerability

CVE-2024-26239: Windows Telephony Server Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Windows Remote Access Connection Manager #Security Vulnerability

CVE-2024-28907: Microsoft Brokering File System Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #Microsoft Brokering File System #Security Vulnerability

CVE-2024-28904: Microsoft Brokering File System Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #Microsoft Brokering File System #Security Vulnerability

Tag

#Security Vulnerability