Microsoft/Muzic Remote Code Execution Vulnerability
CVE-2024-49063

8.4HIGH

Key Information:

Vendor: Microsoft
Status: Muzic
Vendor: CVE Published:; 12 December 2024

Badges

📰 News Worthy

Summary

This vulnerability in Microsoft Muzic allows attackers to execute arbitrary code on the affected systems. By exploiting this flaw, an attacker can gain unauthorized access, potentially compromising sensitive data and system integrity. Users are advised to update their software to the latest version to mitigate potential security risks.

Affected Version(s)

Muzic Unknown 1.0.0 < 196.0

News Articles

Computer Weekly

CVE-2024-49138 CVE-2024-49063

Dangerous CLFS and LDAP flaws stand out on Patch Tuesday | Computer...

Microsoft has fixed over 70 CVEs in its final Patch Tuesday update of the year, and defenders should prioritise a zero-day in the Common Log File System Driver, and another impactful flaw in the Lightweight Directory Access Protocol.

4 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2024
📰
First article discovered by Computer Weekly
Dec 10, 2024
Vulnerability Reserved
Oct 11, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed1 News Article(s)