Elevation of Privilege Vulnerability Affects Microsoft Authenticator
CVE-2024-21390

7.1HIGH

Key Information:

Vendor

Microsoft
Status
Microsoft Authenticator
Vendor
CVE Published:
12 March 2024

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-21390?

Microsoft Authenticator is vulnerable to an elevation of privilege issue, which may allow attackers to exploit the application and gain unauthorized access to critical functions. This vulnerability can compromise the security posture of users relying on the app for multifactor authentication. Affected users are advised to apply patches and updates promptly to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Microsoft Authenticator Unknown 1.0.0 < 6.2401.0617

News Articles

favicon imagevulnerbyte.com

به‌ روزرسانی‌ های Patch Tuesday مارس ۲۰۲۴ مایکروسافت

مایکروسافت روز سه‌شنبه، دوازدهم مارس ۲۰۲۴، Patch Tuesday ماهانه خود را منتشر و به ۶۱ نقص امنیتی مختلف در نرم‌افزار خود رسیدگی کرد.

favicon imageThe Hacker News

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

JSON
.