VDB
CVE-2024-38173
CVE-2024-38173
PUBLISHED
In Microsoft Office, Microsoft 365 Apps, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft PowerPoint 2016, Microsoft Project 2016 und Microsoft Teams bestehen mehrere Schwachstellen. Ein lokaler oder entfernter Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, beliebigen Code auszuführen und das Opfer zu täuschen. Einige der Sicherheitslücken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
EPSS 0.49% · 65.9th percentile
Risk Scores
EPSS Score
0.49%
65.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Outlook 2016 | |
| Microsoft | Microsoft 365 Apps | |
| Microsoft | Microsoft Office OfficePLUS | |
| Microsoft | Microsoft Project 2016 | |
| Microsoft | Microsoft Teams iOS | |
| Microsoft | Microsoft PowerPoint 2016 | |
| Microsoft | Microsoft Office LTSC for Mac 2021 | |
| Microsoft | Microsoft Office 2019 | |
| Microsoft | Microsoft Office LTSC 2021 |
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- CIRCL seen: CVE-2024-38173 (circl-sighting)
- Microsoft Outlook Remote Code Execution Vulnerability (circl)
- matching_rules_test.go (github-poc)
- matching_rules_test.go (github-poc)
- matching_rules_test.go (github-poc)
- matching_rules_test.go (github-poc)
- matching_rules_test.go (github-poc)
- matching_rules_test.go (github-poc)
- matching_rules_test.go (github-poc)
…and 21 more exploits
Timeline
- Aug 13, 2024 CVE Published
- Aug 13, 2024 PoC Published
- Aug 14, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 15, 2024 EPSS Score
- Nov 5, 2024 EPSS Score
- Nov 26, 2024 EPSS Score
- Jan 8, 2025 EPSS Score
- Jan 28, 2025 EPSS Score
- Feb 18, 2025 EPSS Score
- Mar 11, 2025 EPSS Score