CVE-2024-21333

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 9, 2024

CWE ID 122

Summary

CVE-2024-21333 is a remote code execution vulnerability affecting the SQL Server Native Client OLE DB Provider. An attacker can exploit this issue by sending specially crafted packets to a targeted SQL Server instance, resulting in the execution of arbitrary code. Successful exploitation allows the attacker to gain control over the affected system, potentially leading to data theft, unauthorized access, or further attacks. Organizations using SQL Server Native Client OLE DB Provider are urged to apply patches or workarounds to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/w6fznH
https://www.cve.org/CVERecord?id=CVE-2024-21333
https://nvd.nist.gov/vuln/detail/CVE-2024-21333

Back to Vulnerability Database

CVE-2024-21333

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations