CVE-2024-21411

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Mar 12, 2024

Updated: Dec 27, 2024

CWE ID 453

Summary

CVE-2024-21411 is a critical remote code execution vulnerability affecting Skype for Consumer. When a specially crafted file is opened in Skype's conversation window, an attacker can exploit this flaw to execute arbitrary code on the victim's system. This issue poses a significant risk to users as it can lead to unauthorized system access, data theft, or further malicious activity. Microsoft urges all Skype for Consumer users to update their software to the latest version immediately to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Skype

Affected Vendors

Skype

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/StaixZpj
https://www.cve.org/CVERecord?id=CVE-2024-21411
https://nvd.nist.gov/vuln/detail/CVE-2024-21411

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners