Skip to main content

Update Catalog

1 CVEs product

Monthly

CVE-2024-49147 CRITICAL Act Now

Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Microsoft Update Catalog
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Microsoft Update Catalog
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy