CVE-2024-49056
Published 2024-11-12
CVE-2024-49056: Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network.
Priority: P2 · 59 · high | CVSS 3.1: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.04% (59.7th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | airlift.microsoft.com | — | — |
| msrc | airlift.microsoft.com | — | — |
Detection & IOCs
- This vulnerability was fully mitigated server-side by Microsoft on airlift.microsoft.com. No customer action is required and no patch is distributed to end users, making client-side detection impossible.
- The vulnerability is a cloud-service-side authentication bypass (assumed-immutable data) on airlift.microsoft.com. No exploit has been publicly disclosed or observed in the wild, and no technical indicators are available in the published sources.
- Exploit status confirmed as not publicly disclosed and not exploited; no IOCs or detection artifacts exist in the published advisories.
CVSS provenance
nvd · v3.1 · 8.8 HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc · 7.3 HIGH
Microsoft
Airlift.microsoft.com Elevation of Privilege Vulnerability
vendor_msrc·2024-11-12·CVSS 7.3
CVE-2024-49056 [HIGH] CWE-302 Airlift.microsoft.com Elevation of Privilege Vulnerability
Description: Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network.
FAQ: Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.
Airlift.microsoft.com: Airlift.microsoft.com
Microsoft: Microsoft
Customer Action Required: No
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest So
GHSA
GHSA-3g36-jm7h-4mqf: Authentication bypass by assumed-immutable data on airlift
ghsa_unreviewed·2024-11-12
CVE-2024-49056 [HIGH] CWE-302 GHSA-3g36-jm7h-4mqf: Authentication bypass by assumed-immutable data on airlift
Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network.
No detection rules found.
No public exploits indexed.
Qualys
November 2024 Patch Tuesday Updates for Microsoft & Adobe | Qualys
blogs_qualys·2024-11-12·CVSS 6.5
[MEDIUM] November 2024 Patch Tuesday Updates for Microsoft & Adobe | Qualys
Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this mont
Bleepingcomputer
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws
blogs_bleepingcomputer·2024-11-12·CVSS 6.5
[MEDIUM] Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws
## Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws
## Lawrence Abrams
26 Elevation of Privilege vulnerabilities
2 Security Feature Bypass vulnerabilities
52 Remote Code Execution vulnerabilities
1 Information Disclosure vulnerability
4 Denial of Service vulnerabilities
3 Spoofing vulnerabilities
This count does not include two Edge flaws that were previously fixed on November 7th.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5046617 and KB5046633 cumulative updates and the Windows 10 KB5046613 update.
## Four zero-days disclosed
This month's Patch Tuesday fixes four zero-days, two of which were actively exploited in attacks, and three were publicly disclosed.
Microsoft classifies a
Qualys
Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review
blogs_qualys·2024-11-12·CVSS 6.5
[MEDIUM] Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review
Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this month. Here’s a b
Crowdstrike
November 2024 Patch Tuesday: Updates and Analysis
blogs_crowdstrike·CVSS 7.5
CVE-2026-20929 [HIGH] November 2024 Patch Tuesday: Updates and Analysis
Published: 2024-11-12