ISHACK AI BOT

PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/09/2024 Created 10/10/2024 Added 10/10/2024 Modified 01/08/2025 Description Deprecated Solution(s)

Red Hat: CVE-2024-9680: firefox: Use-after-free in Animation timeline (128.3.1 ESR Chemspill) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 10/09/2024 Created 10/12/2024 Added 10/11/2024 Modified 11/14/2024 Description An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2024-9680 RHSA-2024:7958 RHSA-2024:7977 RHSA-2024:8024 RHSA-2024:8025 RHSA-2024:8026 RHSA-2024:8031 RHSA-2024:8033 RHSA-2024:8166 RHSA-2024:9552 RHSA-2024:9554 View more

Ubuntu: (Multiple Advisories) (CVE-2024-47673): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/09/2024 Created 12/19/2024 Added 12/18/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped Not doing so will make us send a host command to the transport while the firmware is not alive, which will trigger a WARNING. bad state = 0 WARNING: CPU: 2 PID: 17434 at drivers/net/wireless/intel/iwlwifi/iwl-trans.c:115 iwl_trans_send_cmd+0x1cb/0x1e0 [iwlwifi] RIP: 0010:iwl_trans_send_cmd+0x1cb/0x1e0 [iwlwifi] Call Trace: <TASK> iwl_mvm_send_cmd+0x40/0xc0 [iwlmvm] iwl_mvm_config_scan+0x198/0x260 [iwlmvm] iwl_mvm_recalc_tcm+0x730/0x11d0 [iwlmvm] iwl_mvm_tcm_work+0x1d/0x30 [iwlmvm] process_one_work+0x29e/0x640 worker_thread+0x2df/0x690 ? rescuer_thread+0x540/0x540 kthread+0x192/0x1e0 ? set_kthread_struct+0x90/0x90 ret_from_fork+0x22/0x30 Solution(s) ubuntu-upgrade-linux-image-5-15-0-1039-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1056-gkeop ubuntu-upgrade-linux-image-5-15-0-1066-ibm ubuntu-upgrade-linux-image-5-15-0-1066-raspi ubuntu-upgrade-linux-image-5-15-0-1068-nvidia ubuntu-upgrade-linux-image-5-15-0-1068-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1070-gke ubuntu-upgrade-linux-image-5-15-0-1070-kvm ubuntu-upgrade-linux-image-5-15-0-1071-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1071-oracle ubuntu-upgrade-linux-image-5-15-0-1072-gcp ubuntu-upgrade-linux-image-5-15-0-1073-aws ubuntu-upgrade-linux-image-5-15-0-1078-azure ubuntu-upgrade-linux-image-5-15-0-127-generic ubuntu-upgrade-linux-image-5-15-0-127-generic-64k ubuntu-upgrade-linux-image-5-15-0-127-generic-lpae ubuntu-upgrade-linux-image-5-15-0-127-lowlatency ubuntu-upgrade-linux-image-5-15-0-127-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-47673 CVE - 2024-47673 USN-7166-1 USN-7166-2 USN-7166-3 USN-7166-4 USN-7186-1 USN-7186-2 USN-7194-1 View more

Juniper Junos OS: 2024-10 Security Bulletin: Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash (JSA88134) (CVE-2024-47504) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/09/2024 Created 10/10/2024 Added 10/10/2024 Modified 01/30/2025 Description An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos). When a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart. This issue affects Junos OS: *22.1 releases 22.1R1 and later before 22.2R3-S5, *22.3 releases before 22.3R3-S4, *22.4 releases before 22.4R3-S4, *23.2 releases before 23.2R2-S2, *23.4 releases before 23.4R2-S1, *24.2 releases before 24.2R1-S1, 24.2R2. Please note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-47504 CVE - 2024-47504 JSA88134

Adobe Animate: CVE-2024-47418: Security updates available for Adobe Animate (APSB24-76) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/10/2024 Added 10/10/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-47418 CVE - 2024-47418 https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Animate: CVE-2024-47415: Security updates available for Adobe Animate (APSB24-76) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/10/2024 Added 10/10/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-47415 CVE - 2024-47415 https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Animate: CVE-2024-47416: Security updates available for Adobe Animate (APSB24-76) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/10/2024 Added 10/10/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-47416 CVE - 2024-47416 https://helpx.adobe.com/security/products/animate/apsb24-76.html

Alma Linux: CVE-2024-43484: Important: .NET 6.0 security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/12/2024 Added 10/11/2024 Modified 02/14/2025 Description .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Solution(s) alma-upgrade-aspnetcore-runtime-6.0 alma-upgrade-aspnetcore-runtime-8.0 alma-upgrade-aspnetcore-runtime-dbg-8.0 alma-upgrade-aspnetcore-targeting-pack-6.0 alma-upgrade-aspnetcore-targeting-pack-8.0 alma-upgrade-dotnet alma-upgrade-dotnet-apphost-pack-6.0 alma-upgrade-dotnet-apphost-pack-8.0 alma-upgrade-dotnet-host alma-upgrade-dotnet-hostfxr-6.0 alma-upgrade-dotnet-hostfxr-8.0 alma-upgrade-dotnet-runtime-6.0 alma-upgrade-dotnet-runtime-8.0 alma-upgrade-dotnet-runtime-dbg-8.0 alma-upgrade-dotnet-sdk-6.0 alma-upgrade-dotnet-sdk-6.0-source-built-artifacts alma-upgrade-dotnet-sdk-8.0 alma-upgrade-dotnet-sdk-8.0-source-built-artifacts alma-upgrade-dotnet-sdk-dbg-8.0 alma-upgrade-dotnet-targeting-pack-6.0 alma-upgrade-dotnet-targeting-pack-8.0 alma-upgrade-dotnet-templates-6.0 alma-upgrade-dotnet-templates-8.0 alma-upgrade-netstandard-targeting-pack-2.1 References https://attackerkb.com/topics/cve-2024-43484 CVE - 2024-43484 https://errata.almalinux.org/8/ALSA-2024-7851.html https://errata.almalinux.org/8/ALSA-2024-7868.html https://errata.almalinux.org/9/ALSA-2024-7867.html https://errata.almalinux.org/9/ALSA-2024-7869.html

Ubuntu: USN-7058-1 (CVE-2024-38229): .NET vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/10/2024 Added 10/09/2024 Modified 01/28/2025 Description .NET and Visual Studio Remote Code Execution Vulnerability Solution(s) ubuntu-upgrade-aspnetcore-runtime-6-0 ubuntu-upgrade-aspnetcore-runtime-8-0 ubuntu-upgrade-dotnet-host ubuntu-upgrade-dotnet-host-8-0 ubuntu-upgrade-dotnet-hostfxr-6-0 ubuntu-upgrade-dotnet-hostfxr-8-0 ubuntu-upgrade-dotnet-runtime-6-0 ubuntu-upgrade-dotnet-runtime-8-0 ubuntu-upgrade-dotnet-sdk-6-0 ubuntu-upgrade-dotnet-sdk-8-0 ubuntu-upgrade-dotnet6 ubuntu-upgrade-dotnet8 References https://attackerkb.com/topics/cve-2024-38229 CVE - 2024-38229 USN-7058-1

Microsoft Windows: CVE-2024-43570: Windows Kernel Elevation of Privilege Vulnerability Severity 6 CVSS (AV:L/AC:M/Au:M/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43570: Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43570 CVE - 2024-43570 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43532: Remote Registry Service Elevation of Privilege Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43532: Remote Registry Service Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43532 CVE - 2024-43532 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43515: Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43515: Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43515 CVE - 2024-43515 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43564: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43564: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43564 CVE - 2024-43564 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-38265: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-38265: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-38265 CVE - 2024-38265 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43563: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43563: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43563 CVE - 2024-43563 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43562: Windows Network Address Translation (NAT) Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/12/2024 Description Microsoft Windows: CVE-2024-43562: Windows Network Address Translation (NAT) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43562 CVE - 2024-43562 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 View more

Microsoft Windows: CVE-2024-43513: BitLocker Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43513: BitLocker Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43513 CVE - 2024-43513 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43552: Windows Shell Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/12/2024 Description Microsoft Windows: CVE-2024-43552: Windows Shell Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43552 CVE - 2024-43552 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044288

Microsoft Windows: CVE-2024-43558: Windows Mobile Broadband Driver Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/12/2024 Description Microsoft Windows: CVE-2024-43558: Windows Mobile Broadband Driver Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43558 CVE - 2024-43558 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044288 View more

Microsoft Windows: CVE-2024-43537: Windows Mobile Broadband Driver Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/12/2024 Description Microsoft Windows: CVE-2024-43537: Windows Mobile Broadband Driver Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43537 CVE - 2024-43537 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044288 View more

Microsoft Windows: CVE-2024-43538: Windows Mobile Broadband Driver Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/12/2024 Description Microsoft Windows: CVE-2024-43538: Windows Mobile Broadband Driver Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43538 CVE - 2024-43538 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044288 View more

Microsoft Windows: CVE-2024-43553: NT OS Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43553: NT OS Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43553 CVE - 2024-43553 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43540: Windows Mobile Broadband Driver Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/12/2024 Description Microsoft Windows: CVE-2024-43540: Windows Mobile Broadband Driver Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43540 CVE - 2024-43540 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044288 View more

Microsoft Windows: CVE-2024-43573: Windows MSHTML Platform Spoofing Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43573: Windows MSHTML Platform Spoofing Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5044286 microsoft-windows-windows_10-1607-kb5044293 microsoft-windows-windows_10-1809-kb5044277 microsoft-windows-windows_10-21h2-kb5044273 microsoft-windows-windows_10-22h2-kb5044273 microsoft-windows-windows_11-21h2-kb5044280 microsoft-windows-windows_11-22h2-kb5044285 microsoft-windows-windows_11-23h2-kb5044285 microsoft-windows-windows_11-24h2-kb5044284 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43573 CVE - 2024-43573 https://support.microsoft.com/help/5044273 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044280 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044284 https://support.microsoft.com/help/5044285 https://support.microsoft.com/help/5044286 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044343 View more

Microsoft Windows: CVE-2024-43541: Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/08/2024 Created 10/09/2024 Added 10/08/2024 Modified 12/10/2024 Description Microsoft Windows: CVE-2024-43541: Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5044342 microsoft-windows-windows_server_2012_r2-kb5044343 microsoft-windows-windows_server_2016-1607-kb5044293 microsoft-windows-windows_server_2019-1809-kb5044277 microsoft-windows-windows_server_2022-21h2-kb5044281 microsoft-windows-windows_server_2022-22h2-kb5044281 microsoft-windows-windows_server_2022-23h2-kb5044288 References https://attackerkb.com/topics/cve-2024-43541 CVE - 2024-43541 https://support.microsoft.com/help/5044277 https://support.microsoft.com/help/5044281 https://support.microsoft.com/help/5044288 https://support.microsoft.com/help/5044293 https://support.microsoft.com/help/5044342 https://support.microsoft.com/help/5044343 View more