#Microsoft Windows Speech

CVE-2024-43574: Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit a use after free vulnerability within the OS SAPI component to execute arbitrary code in the context of the compromised user to disclose sensitive information, compromise system integrity or impact the availability of the victim's system.

20 hours ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #sap #Microsoft Windows Speech #Security Vulnerability

CVE-2024-30097: Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

**According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?** An unauthorized attacker must wait for a user to initiate a connection.

3 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #sap #Microsoft Windows Speech #Security Vulnerability

CVE-2023-36719: Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

10 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #sap #Microsoft Windows Speech #Security Vulnerability

Tag

#Microsoft Windows Speech