CVE-2024-30072
published 2024-06-11CVE-2024-30072: Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
PriorityP340high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.85%
53.6th percentile
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.3737 | 10.0.22621.3737 |
| microsoft | windows_11_23h2 | < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.3737 | 10.0.22621.3737 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.950 | 10.0.25398.950 |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x58r-7627-pg7c: Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
ghsa_unreviewed·2024-06-11
CVE-2024-30072 [HIGH] CWE-190 GHSA-x58r-7627-pg7c: Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
Microsoft
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
vendor_msrc·2024-06-11·CVSS 7.8
CVE-2024-30072 [HIGH] CWE-190 Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.
FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
Windows Event Logging Service: Windows Event Logging Service
Microsoft: Microsoft
Cust
No detection rules found.
No public exploits indexed.
Trendmicro
The June 2024 Security Update Review
blogs_trendmicro·2024-06-11
The June 2024 Security Update Review
# The June 2024 Security Update Review
Get the June 2024 security update and review.
By: Dustin Childs
2024/06/11
Read time: ( words)
Save to Folio
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for June 2024
For June, Adobe released 10 patches addressing 165(!) CVEs in Adobe Cold Fusion, Photoshop, Experience Manager, Audition, Media Encoder, FrameMaker Publishing Server, Adobe Commerce, Substance 3D Stager, Creative Cloud Desktop, and Acrobat Android. The fix for Experience Ma
Trendmicro
The June 2024 Security Update Review
blogs_trendmicro·2024-06-11
The June 2024 Security Update Review
## The June 2024 Security Update Review
Get the June 2024 security update and review.
By: Dustin Childs 2024/06/11 Read time: ( words)
Save to Folio
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for June 2024
For June, Adobe released 10 patches addressing 165(!) CVEs in Adobe Cold Fusion, Photoshop, Experience Manager, Audition, Media Encoder, FrameMaker Publishing Server, Adobe Commerce, Substance 3D Stager, Creative Cloud Desktop, and Acrobat Android. The fix for Experience Ma
2024-06-11
Published