Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2024-29998: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

Microsoft Security Response Center
Open in Source
#vulnerability#mac#windows#rce#auth#Windows Mobile Broadband#Security Vulnerability
CVE-2024-29997: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

CVE-2024-30007: Microsoft Brokering File System Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could potentially gain the ability to authenticate against a remote host using the current user’s credentials.

CVE-2024-30006: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

CVE-2024-30005: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

CVE-2024-30004: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

CVE-2024-30003: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

CVE-2024-30002: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

CVE-2024-30001: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine

CVE-2024-30000: Windows Mobile Broadband Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?** To exploit this vulnerability, an unauthenticated attacker needs to physically connect a malicious USB device to the victim's machine