CVE-2024-21444
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-21444 is a Remote Code Execution vulnerability affecting Microsoft's Windows Defender Application Control (WDAC) OLE DB provider for SQL Server. An attacker can exploit this flaw by sending specially crafted data to a target system, resulting in unintended code execution. Successful exploitation could lead to significant security consequences, such as unauthorized system access or data theft. It is essential for organizations using SQL Server with the Microsoft WDAC OLE DB provider to apply the relevant patches as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows 10
- Microsoft Windows 11
Affected Vendors
- Microsoft