Remote Code Execution Vulnerability Affects Microsoft Project
CVE-2024-38189

8.8 HIGH

Key Information:

  • 📈 Score: 297
  • 👾 Exploit exists
  • 🟣 EPSS: 38%
  • 🦅 CISA reported (Known Exploited Vulnerabilities catalog)

What is CVE-2024-38189?

CVE-2024-38189 is a high-severity (CVSS 3.1 base score 8.8) remote code execution vulnerability in Microsoft Project, Microsoft's project-management application. An attacker who persuades a user to open a crafted Project file can execute arbitrary code on that user's system. Because the vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, organizations running Microsoft Project should treat it as actively exploited: a successful attack can lead to unauthorized access, data manipulation, and further compromise of network resources.

Technical Details

CVE-2024-38189 is a flaw in how Microsoft Project handles a specially crafted project file. According to Microsoft's advisory, exploitation requires the victim to open a malicious Project file on a system where the "Block macros from running in Office files from the Internet" policy is disabled and VBA Macro Notification Settings are not enabled. The attacker delivers the file remotely, for example by email or from a website, and needs no physical access or prior privileges on the target. The resulting code runs with the privileges of the user who opened the file and can be used to install malware, steal data, and pivot to connected systems.

Potential Impact of CVE-2024-38189

  1. Unauthorized Access and Control: Successful exploitation gives the attacker code execution with the privileges of the user who opened the file, allowing them to manipulate project data, access sensitive information, and disrupt ongoing operations.

  2. Data Breaches: Exploiting CVE-2024-38189 could lead to significant data breaches, where sensitive project information and organizational data are exposed or stolen. The loss of intellectual property and confidential information can severely impact an organization's reputation and lead to financial losses.

  3. Malware Deployment: The ability to execute arbitrary code means that attackers can deploy malware on compromised systems. This could include ransomware, which encrypts files and demands payment for their release, further hindering business operations and potentially leading to additional financial repercussions.

CISA Reported

CISA maintains the Known Exploited Vulnerabilities (KEV) catalog of vulnerabilities for which it has evidence of exploitation in the wild. CVE-2024-38189 is listed as exploited, but is not known by CISA to be used in ransomware campaigns. This status is subject to change at pace.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2019 32-bit Systems 19.0.0

Microsoft Office LTSC 2021 32-bit Systems 16.0.1
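The following PowerShell script is an added example and is not part of the original advisory page or of Microsoft's guidance. It reads the installed Click-to-Run Office build and product list, and the two Project macro policies that the vendor advisory names as exploitation preconditions, so an administrator can confirm whether a machine both has Project installed and lacks the mitigating policy. Assumptions: a Click-to-Run Office installation exposing `VersionToReport` and `ProductReleaseIds` under the ClickToRun `Configuration` key, and the standard Office policy values `blockcontentexecutionfrominternet` and `vbawarning` under the per-user `ms project` policy key (the key name and the value semantics are assumed from the generic Office policy layout). The fixed build number is deliberately not hard-coded; compare `ClickToRunVersion` against the build listed in Microsoft's advisory.

```powershell
# Added example for CVE-2024-38189 triage; not from the original page.
# Assumed registry locations (Click-to-Run Office, per-user Project policy key):
$C2RConfig     = 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration'
$ProjectPolicy = 'HKCU:\Software\Policies\Microsoft\Office\16.0\ms project\security'

function Get-RegValue {
    # Return a registry value, or $null when the key or value is absent
    param([string]$Path, [string]$Name)
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

function Get-ProjectMacroPosture {
    $version  = Get-RegValue $C2RConfig 'VersionToReport'
    $products = Get-RegValue $C2RConfig 'ProductReleaseIds'
    # ProductReleaseIds is a comma-separated list such as "O365ProPlusRetail,ProjectProRetail"
    $hasProject = [bool]($products -and ($products -match 'Project'))

    # Assumed policy values: blockcontentexecutionfrominternet = 1 blocks macros in
    # files marked as coming from the Internet; vbawarning 2/3/4 disable macros by
    # default while 1 enables all macros. An absent value is treated conservatively
    # as "policy not enforced".
    $blockInternet = Get-RegValue $ProjectPolicy 'blockcontentexecutionfrominternet'
    $vbaWarning    = Get-RegValue $ProjectPolicy 'vbawarning'

    $findings = @()
    if ($hasProject) {
        if ($blockInternet -ne 1) {
            $findings += 'Block macros from Internet files policy not enforced for Project'
        }
        if ($null -eq $vbaWarning -or $vbaWarning -eq 1) {
            $findings += 'VBA Macro Notification Settings not enforced for Project'
        }
    }

    [pscustomobject]@{
        ClickToRunVersion   = $version   # compare with the fixed build in Microsoft's advisory
        ProductReleaseIds   = $products
        ProjectInstalled    = $hasProject
        BlockInternetMacros = $blockInternet
        VbaWarning          = $vbaWarning
        Findings            = $findings
    }
}

Get-ProjectMacroPosture | Format-List
```

Run it in the context of the user whose Project configuration you want to inspect, since the policy key is under HKCU. A machine with `ProjectInstalled = True` and any entry in `Findings` matches the precondition Microsoft describes and should be patched first, with the two policies enforced via Group Policy as a compensating control until the update is applied.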

EPSS Score

EPSS estimates a 38% probability that this vulnerability will see exploitation activity in the next 30 days.

CVSS V3.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Attack Vector is Network because the crafted file can be delivered remotely, not because the flaw is reachable over a listening service; User Interaction is Required, so a user must open the file for the attack to succeed. Scope Unchanged means the code runs within the privileges of that user's session.

Timeline

  • 👾 Exploit known to exist
  • 🦅 CISA Reported
  • Vulnerability published
  • Vulnerability Reserved