CVE-2024-21404

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 13, 2024

Updated: May 29, 2024

CWE ID 476

Summary

CVE-2024-21404 is a Denial of Service (DoS) vulnerability affecting Microsoft's .NET framework. This issue allows an attacker to send specially crafted packets to trigger an infinite loop, consuming significant system resources and causing the targeted application to become unresponsive. The vulnerability can result in a Denial of Service condition, making the application inaccessible to legitimate users. Microsoft is encouraging users to update their .NET installations as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft ASP.NET Core
Microsoft Visual Studio 2022

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ugcldk
https://www.cve.org/CVERecord?id=CVE-2024-21404
https://nvd.nist.gov/vuln/detail/CVE-2024-21404

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners