Security
Headlines
HeadlinesLatestCVEs

Tag

#Microsoft OneDrive

CVE-2023-24930: Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** The user must be authenticated to be able to exploit this vulnerability.

Microsoft Security Response Center
#vulnerability#web#mac#microsoft#auth#Microsoft OneDrive#Security Vulnerability
CVE-2023-24923: Microsoft OneDrive for Android Information Disclosure Vulnerability

**How do I get the update for OneDrive for Android?** 1. Tap the **Google Play** icon on your home screen. 2. Swipe in from the left edge of the screen. 3. Tap **My apps & games**. 4. Tap the Update box next to the **OneDrive app**. **Is there a direct link on the web?** Yes: https://play.google.com/store/apps/details?id=com.microsoft.skydrive&hl=en\_US

CVE-2023-24882: Microsoft OneDrive for Android Information Disclosure Vulnerability

**How do I get the update for OneDrive for Android?** 1. Tap the **Google Play** icon on your home screen. 2. Swipe in from the left edge of the screen. 3. Tap **My apps & games**. 4. Tap the Update box next to the **OneDrive app**. **Is there a direct link on the web?** Yes: https://play.google.com/store/apps/details?id=com.microsoft.skydrive&hl=en\_US

CVE-2023-24890: Microsoft OneDrive for iOS Security Feature Bypass Vulnerability

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

CVE-2022-23255: Microsoft OneDrive for Android Security Feature Bypass Vulnerability

**What privileges are required to exploit this vulnerability?** The attacker needs access to an unlocked mobile device to exploit the vulnerability.