CVE-2024-38193

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 14, 2024
CWE ID 416

Summary

CVE-2024-38171 is a newly disclosed vulnerability affecting Microsoft PowerPoint. This remote code execution (RCE) issue allows an attacker to manipulate specially crafted PowerPoint files to execute malicious code on a victim's system, potentially leading to unauthorized access or data theft. Successful exploitation of this vulnerability does not require user interaction and can occur when the user opens a malicious PowerPoint file in Preview mode or when opening an email attachment. Microsoft recommends applying the latest patch to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows 10
  • Microsoft Windows 11

Affected Vendors

  • Microsoft