ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Using ChatGPT to Deobfuscate Malicious Scripts
Published: 2024-03-13
Last Updated: 2024-03-13 08:26:17 UTC
by Xavier Mertens (Version: 1)
Today, most of the malicious scripts in the wild are heavily obfuscated. Obfuscation is key to slow down the security analyst's job and to bypass simple security controls. There are many techniques available. Most of the time, your trained eyes can spot them in a few seconds but it remains a pain to process manually. How to handle them? For some of them, you have tools like numbers-to-strings.py, developed by Didier, to convert classic encodings back to strings. Sometimes, you can write your own script (time-consuming) or use a CyberChef recipe. To speed up the analysis, why not ask AI tools for some help? Let's see a practical example with ChatGPT.
Yesterday, I found a malicious Python script ... with a low VirusTotal score of 2/61. When I had a look at it, it was obfuscated with the following techniques. All interesting strings were hex-encoded, compressed and Base64-encoded ...
Read the full entry: https://isc.sans.edu/diary/Using+ChatGPT+to+Deobfuscate+Malicious+Scripts/30740/
Microsoft Patch Tuesday - March 2024
Published: 2024-03-12
Last Updated: 2024-03-12 17:53:50 UTC
by Johannes Ullrich (Version: 1)
This month's patches are oddly "light". We have patches for 60 vulnerabilities and 4 Chromium patches affecting Microsoft Edge. But only two of the vulnerabilities are rated as "Critical":
CVE-2024-21408: Windows Hyper-V Denial of Service Vulnerability
CVE-2024-21407: Windows Hyper-V Remote Code Execution Vulnerability
Oddly, Microsoft considers a DoS vulnerability "critical". However, a DoS against Hyper-V could have a significant impact, which may justify the rating. The code execution vulnerability justifies a rating of critical. However, exploitation requires an attacker to first gain a foothold inside a virtual machine.
Other vulnerabilities of interest:
CVE-2024-26198: A remote code execution vulnerability for Exchange Server. This is a DLL loading issue that is typically more difficult to exploit. Authentication is required to exploit the vulnerability.
Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process. There is no need to get all worked up; tomorrow morning: Have some coffee, test... and later deploy once the tests are completed successfully.
Read the full entry: https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+March+2024/30736/
What happens when you accidentally leak your AWS API keys? [Guest Diary]
Published: 2024-03-10
Last Updated: 2024-03-11 01:12:57 UTC
by Guy Bruneau (Version: 1)
[This is a Guest Diary by Noah Pack, an ISC intern as part of the SANS.edu BACS program]
As a college freshman taking my first computer science class, I wanted to create a personal project that would test my abilities and maybe have some sort of return. I saw a video online of someone who created a Python script that emailed colleges asking for free swag to be shipped to him. I liked the idea and adapted it. I created a script that emailed companies and asked for free swag, knowing that most conferences that year had been canceled due to the COVID-19 pandemic. I wrote my script, made a new email account for the script to use, created a list of ten companies it would email, and it worked flawlessly. To celebrate my achievement, I uploaded my code to GitHub. The next thing I knew, I was getting login attempts to the email address I set up for my script to use. I had hardcoded the email address and password into my code, and my computer science class didn’t teach us safe programming practices.
My situation had no ill consequences, but it could have if I had used my actual email for the script or if my project was bigger and I had used AWS or another cloud provider and hardcoded those credentials. In a later class I did learn how to safely pass credentials to my scripts without fear of leaking them on GitHub, but leaked credentials remained on my mind. This led me to the question “What happens when you leak your AWS API keys?”
In this article, I will share some research, resources, and real-world data related to leaked AWS API keys. I won’t get into scenarios where credentials are stored properly but stolen via a vulnerability, only where a developer or other AWS user hardcodes their credentials into a GitHub repository or a website.
Read the full entry: https://isc.sans.edu/diary/What+happens+when+you+accidentally+leak+your+AWS+API+keys+Guest+Diary/30730/1
MacOS Patches (and Safari, TVOS, VisionOS, WatchOS) (2024.03.08)
https://isc.sans.edu/diary/MacOS+Patches+and+Safari+TVOS+VisionOS+WatchOS/30726/
[Guest Diary] AWS Deployment Risks - Configuration and Credential File Targeting (2024.03.07)
Product: QNAP QTS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21899
ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8888
NVD References: https://www.qnap.com/en/security-advisory/qsa-24-09
Product: Microsoft Open Management Infrastructure (OMI)
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21334
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334
Product: Microsoft Azure Kubernetes Service
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21400
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400
Product: Fortinet FortiOS
CVSS Score: 0
** KEV since 2024-02-09 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21762
ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8888
Product: Apple iPadOS
CVSS Score: 7.8
** KEV since 2024-03-06 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23225
NVD References:
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/en-us/HT214082
- https://support.apple.com/kb/HT214083
- https://support.apple.com/kb/HT214084
- https://support.apple.com/kb/HT214085
- https://support.apple.com/kb/HT214086
- https://support.apple.com/kb/HT214087
- https://support.apple.com/kb/HT214088
Product: Apple iPadOS
CVSS Score: 7.8
** KEV since 2024-03-06 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23296
NVD References:
- https://support.apple.com/en-us/HT214081
- https://support.apple.com/kb/HT214084
- https://support.apple.com/kb/HT214086
- https://support.apple.com/kb/HT214087
- https://support.apple.com/kb/HT214088
Product: Microsoft Exchange Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26198
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26198
Product: Microsoft Windows Hyper-V
CVSS Score: 8.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21407
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21407
CVE-2024-21408 - Windows Hyper-V Denial of Service Vulnerability
Product: Microsoft Windows Hyper-V
CVSS Score: 5.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21408
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21408
CVE-2024-21431 - Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Product: Microsoft Hypervisor
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21431
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21431
CVE-2024-22252, CVE-2024-22253 - VMware ESXi, Workstation, and Fusion use-after-free vulnerabilities
Product: VMware ESXi
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22252
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22253
NVD References: https://www.vmware.com/security/advisories/VMSA-2024-0006.html
CVE-2024-2005 - Blue Planet® products through 22.12 are vulnerable to privilege escalation due to a misconfiguration in the SAML implementation.
Product: Ciena Blue Planet
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2005
NVD References: https://www.ciena.com/product-security
CVE-2023-50716 - eProsima Fast DDS (formerly Fast RTPS) versions prior to 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7 allows a remote attacker to terminate the Fast-DDS process via an invalid DATA_FRAG Submessage causing a bad-free error.
Product: eProsima Fast DDS
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50716
NVD References: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h
CVE-2024-24767 - CasaOS-UserService is vulnerable to password brute force attacks in versions prior to 0.4.7, allowing attackers to gain super user-level access to the server.
Product: CasaOS-UserService
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24767
NVD References:
- https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699
- https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7
- https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44x
CVE-2024-27302 - Go-zero is vulnerable to bypassing CORS policy by using strings.HasSuffix to check the origin, leading to potential data retrieval on behalf of other users.
Product: Go-zero
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27302
NVD References:
- https://github.com/zeromicro/go-zero/commit/d9d79e930dff6218a873f4f02115df61c38b15db
- https://github.com/zeromicro/go-zero/security/advisories/GHSA-fgxv-gw55-r5fq
CVE-2024-27304 - pgx is vulnerable to SQL injection when an attacker can cause a query or bind message to exceed 4 GB in size, but the issue is fixed in v4.18.2 and v5.5.4.
Product: pgx PostgreSQL Driver
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27304
NVD References: https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
CVE-2024-2173 - Chromium: Out of bounds memory access in V8
Product: Google Chrome
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2173
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2173
NVD References:
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/325893559
CVE-2024-2174 - Chromium: Inappropriate implementation in V8
Product: Google Chrome
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2174
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2174
NVD References:
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/325866363
CVE-2024-2176 - Chromium: Use after free in FedCM
Product: Google Chrome
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2176
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-2176
NVD References:
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
- https://issues.chromium.org/issues/325936438
CVE-2024-27307 - JSONata is a JSON query and transformation language with a vulnerability that allows for remote code execution prior to versions 1.8.7 and 2.0.4, which has been fixed in the latest versions.
Product: JSONata
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27307
NVD References: https://github.com/jsonata-js/jsonata/security/advisories/GHSA-fqg8-vfv7-8fj8
CVE-2024-28222 - Veritas NetBackup and NetBackup Appliance are prone to file path validation fai…
Product: Veritas NetBackup
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28222
NVD References: https://www.veritas.com/content/support/en_US/security/VTS23-010
Product: JFrog Artifactory
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-42662
NVD References: https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
Product: Canon Small Office Multifunction Printers and Laser Printers
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2184
NVD References: https://psirt.canon/advisory-information/cp2024-002/
Product: ManageEngine Desktop Central
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2370
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-manageengine-desktop-central
Product: OpenAI NextChat
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49785
NVD References:
- https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web
- https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/
Product: SAP NetWeaver Administrator
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22127
NVD References:
- https://me.sap.com/notes/3433192
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
Product: Schneider Electric Modicon M221
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25995
NVD References: https://cert.vde.com/en/advisories/VDE-2024-011
Product: Siemens SINEMA Remote Connect Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-32257
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-576771.html
Product: Siemens Cerberus PRO EN Engineering Tool
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22039
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-225840.html
Product: Fortinet FortiOS and FortiProxy
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-42789
NVD References: https://fortiguard.com/psirt/FG-IR-23-328
Product: Fortinet FortiClientEMS
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47534
NVD References: https://fortiguard.com/psirt/FG-IR-23-390
Product: Fortinet FortiClientEMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48788
NVD References: https://fortiguard.com/psirt/FG-IR-23-430
Product: Badger Meter Monitool
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-1301
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-badger-meters-monitool
Product: CMS Made Simple
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-1527
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cms-made-simple
Product: Microsoft Open Management Infrastructure (OMI)
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21330
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21330
Product: Microsoft Authenticator
CVSS Score: 7.1 AtRiskScore 30
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21390
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21390
Product: Microsoft .NET and Visual Studio
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21392
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21392
Product: Skype for Consumer
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21411
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21411
Product: Microsoft SONiC
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21418
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418
Product: Microsoft Dynamics 365
CVSS Score: 7.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21419
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21419
Product: Azure SDK
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21421
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21421
Product: Microsoft SharePoint Server
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21426
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21426
Product: Microsoft Windows
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21427
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21427
Product: Microsoft Windows Update Stack
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21432
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21432
Product: Microsoft Windows Print Spooler
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21433
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21433
Product: Microsoft Windows SCSI Class System File
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21434
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21434
Product: Microsoft Windows
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21435
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21435
Product: Microsoft Windows Installer
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21436
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21436
Product: Microsoft Windows Graphics Component
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21437
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21437
Product: Microsoft AllJoyn API
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21438
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21438
Product: Microsoft Windows Telephony Server
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21439
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21439
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21440
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21440
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21441
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21441
Product: Windows USB Print Driver
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21442
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21442
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21444
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21444
Product: Windows USB Print Driver
CVSS Score: 7.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21445
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21445
Product: Microsoft NTFS
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21446
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21446
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21450
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21450
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21451
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21451
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26159
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26159
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26161
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26161
Product: Microsoft ODBC Driver
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26162
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26162
Product: Microsoft Django Backend
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26164
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26164
Product: Microsoft Visual Studio Code
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26165
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26165
Product: Microsoft WDAC OLE DB provider for SQL Server
CVSS Score: 8.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26166
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166
Product: Microsoft Windows Error Reporting Service
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26169
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169
Product: Microsoft Windows Composite Image File System (CimFS)
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26170
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26170
Product: Microsoft Windows Kernel
CVSS Score: 7.3 - 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21443
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26173
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26176
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26178
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26182
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21443
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26173
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26176
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26178
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26182
Product: Microsoft QUIC
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26190
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190
Product: Microsoft Office
CVSS Score: 7.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26199
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26199
Product: Microsoft Azure Data Studio
CVSS Score: 7.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26203
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26203
Product: Microsoft Outlook for Android
CVSS Score: 7.5
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26204
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26204
Product: Intumit SmartRobot
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2413
NVD References: https://www.twcert.org.tw/tw/cp-132-7697-ecf10-1.html
Product: Register File Data Sampling (RFDS)
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28746
ISC Diary: https://isc.sans.edu/diary/30736
MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28746
2024 SANS State of Security Automation Survey | We would like to understand what drives automation in security teams, the role of automation in facilitating collaboration, and the ongoing challenges of automating security operations. Complete this survey for a chance to win a $250 Amazon gift card!
Buyers Guide: How to Secure Egress Traffic from Workloads in the Public Cloud | Tune in as Dave Shackleford explores the inherent challenges associated with legacy cloud workload security and highlights seven critical capabilities for securing egress traffic from workloads in the public cloud. Register now:
Shining a Light in the Dark: Observability and Security on March 21 | Join Matt Bromiley and Elastic’s Security and Observability experts Gagan Singh and Jennifer Ellard to discover how a convergence between security and observability empowers your teams. Save your seat today: