Airlift.microsoft.com Elevation of Privilege Vulnerability
CVE-2024-49056

7.3HIGH

Key Information:

Vendor

Microsoft
Status
Airlift.microsoft.com
Vendor
CVE Published:
12 November 2024

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2024-49056?

The vulnerability on the Airlift platform allows an attacker with authorized access to exploit weaknesses related to assumed-immutable data, leading to potential elevation of privileges over a network. This can enable unauthorized actions that compromise system integrity and data confidentiality. It is critical for organizations using the Airlift product to assess their security posture and implement necessary patches to mitigate the risks posed by this vulnerability. For further details, refer to the Microsoft advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

airlift.microsoft.com Unknown

News Articles

favicon imageCrowdStrike.com

November 2024 Patch Tuesday: Updates and Analysis | CrowdStrike

Microsoft has released security updates for 158 vulnerabilities, including three zero-days and four critical, for its November 2024 Patch Tuesday rollout.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • ๐Ÿ“ฐ

    First article discovered by CrowdStrike.com

  • Vulnerability published

JSON
.