CVE-2024-30077
published 2024-06-11CVE-2024-30077: Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability
high8CVSS 3.1
AVNACLPRLUIRSUCHIHAH
EPSS
1.80%
75.7th percentile
Windows OLE Remote Code Execution Vulnerability
Windows OLE Remote Code Execution Vulnerability
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20680 | 10.0.10240.20680 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7070 | 10.0.14393.7070 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.5936 | 10.0.17763.5936 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.5936 | 10.0.17763.5936 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.4529 | 10.0.19044.4529 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.4529 | 10.0.19045.4529 |
| microsoft | windows_11_version_21h2 | >= 10.0.22000.0 < 10.0.22000.3019 | 10.0.22000.3019 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.3737 | 10.0.22621.3737 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.3737 | 10.0.22631.3737 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.1742 | 10.0.26100.1742 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27170 | 6.1.7601.27170 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.22720 | 6.0.6003.22720 |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.24919 | 6.2.9200.24919 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22023 | 6.3.9600.22023 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7070 | 10.0.14393.7070 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.5936 | 10.0.17763.5936 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.2527 | 10.0.20348.2527 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_21h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
CVSS provenance
nvdv3.18.0HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
cvelistv58.0HIGH
vendor_msrc8.0HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows OLE Remote Code Execution Vulnerability
vendor_msrc·2024-06-11·CVSS 8.0
CVE-2024-30077 [HIGH] CWE-122 Windows OLE Remote Code Execution Vulnerability
Windows OLE Remote Code Execution Vulnerability
FAQ: How could an attacker exploit this vulnerability?
An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.
Microsoft WDAC OLE DB provider for SQL: Microsoft WDAC OLE DB provider for SQL
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5039217
Reference: https
CVEList
Windows OLE Remote Code Execution Vulnerability
cvelistv5·2024-06-11·CVSS 8.0
CVE-2024-30077 [HIGH] CWE-122 Windows OLE Remote Code Execution Vulnerability
Windows OLE Remote Code Execution Vulnerability
Windows OLE Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
Trendmicro
The June 2024 Security Update Review
blogs_trendmicro·2024-06-11
The June 2024 Security Update Review
# The June 2024 Security Update Review
Get the June 2024 security update and review.
By: Dustin Childs
2024/06/11
Read time: ( words)
Save to Folio
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for June 2024
For June, Adobe released 10 patches addressing 165(!) CVEs in Adobe Cold Fusion, Photoshop, Experience Manager, Audition, Media Encoder, FrameMaker Publishing Server, Adobe Commerce, Substance 3D Stager, Creative Cloud Desktop, and Acrobat Android. The fix for Experience Ma
Talos
Only one critical issue disclosed as part of Microsoft Patch Tuesday
blogs_talos·2024-06-11·CVSS 8.0
CVE-2024-30080 [HIGH] Only one critical issue disclosed as part of Microsoft Patch Tuesday
Microsoft released its monthly security update Tuesday, disclosing 49 vulnerabilities across its suite of products and software.
Of those there is only one critical vulnerability. Every other security issues disclosed this month is considered "important."
The lone critical security issue is CVE-2024-30080, a remote code execution vulnerability due to a use-after-free (UAF) issue in the HTTP handling function of Microsoft Message Queuing (MSMQ) messages.
An adversary can send a specially crafted malicious MSMQ packet to an MSMQ server, potentially allowing them to perform remote code execution on the server side. Microsoft considers this vulnerability “more likely” to be exploited.
There is also a remote code execution vulnerability in Microsoft Outlook, CVE-2024-30103. By successfully
Trendmicro
The June 2024 Security Update Review
blogs_trendmicro·2024-06-11
The June 2024 Security Update Review
## The June 2024 Security Update Review
Get the June 2024 security update and review.
By: Dustin Childs 2024/06/11 Read time: ( words)
Save to Folio
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for June 2024
For June, Adobe released 10 patches addressing 165(!) CVEs in Adobe Cold Fusion, Photoshop, Experience Manager, Audition, Media Encoder, FrameMaker Publishing Server, Adobe Commerce, Substance 3D Stager, Creative Cloud Desktop, and Acrobat Android. The fix for Experience Ma
Talos
Only one critical issue disclosed as part of Microsoft Patch Tuesday
blogs_talos·2024-06-11·CVSS 8.0
CVE-2024-30080 [HIGH] Only one critical issue disclosed as part of Microsoft Patch Tuesday
## Only one critical issue disclosed as part of Microsoft Patch Tuesday
Microsoft released its monthly security update Tuesday, disclosing 49 vulnerabilities across its suite of products and software.
Of those there is only one critical vulnerability. Every other security issues disclosed this month is considered "important."
The lone critical security issue is CVE-2024-30080 , a remote code execution vulnerability due to a use-after-free (UAF) issue in the HTTP handling function of Microsoft Message Queuing (MSMQ) messages.
An adversary can send a specially crafted malicious MSMQ packet to an MSMQ server, potentially allowing them to perform remote code execution on the server side. Microsoft considers this vulnerability “more likely” to be exploited.
There is also a remote code exec
2024-06-11
Published