CVE-2024-21409
📊 7.3 HIGH⚡ 54.7%🎯 1 exploits
📅 Published Apr 9, 2024
📋 Status: Modified
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
48 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 23h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:* |
📱App | microsoft | .net | ≥ 6.0.0 ∧ < 6.0.29 | Vulnerable | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* |
📱App | microsoft | .net | ≥ 7.0.0 ∧ < 7.0.18 | Vulnerable | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* |
📱App | microsoft | .net | ≥ 8.0.0 ∧ < 8.0.4 | Vulnerable | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* |
📱App | microsoft | powershell | ≥ 7.2 ∧ < 7.2.19 | Vulnerable | cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:* |
📱App | microsoft | powershell | ≥ 7.3 ∧ < 7.3.12 | Vulnerable | cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:* |
📱App | microsoft | powershell | ≥ 7.4 ∧ < 7.4.2 | Vulnerable | cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.4.0 ∧ < 17.4.18 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.6.0 ∧ < 17.6.14 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.8.0 ∧ < 17.8.9 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.9.0 ∧ < 17.9.6 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1607 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1809 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2016 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2019 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2012 | r2 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.6.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2012 | r2 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1607 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1809 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2016 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2019 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.6.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
Version: ≥ 6.0.0 ∧ < 6.0.29
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
Version: ≥ 7.0.0 ∧ < 7.0.18
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
Version: ≥ 8.0.0 ∧ < 8.0.4
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 7.2 ∧ < 7.2.19
CPE:
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 7.3 ∧ < 7.3.12
CPE:
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 7.4 ∧ < 7.4.2
CPE:
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.4.0 ∧ < 17.4.18
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.6.0 ∧ < 17.6.14
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.8.0 ∧ < 17.8.9
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.9.0 ∧ < 17.9.6
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
48 products•scroll for more
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
LOW
User Interaction:
REQUIRED
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
7.3 (HIGH)v3.1
Source: [email protected]
EPSS Details
54.7% (High)97.9th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Apr 9, 2024 (1 year ago)
Last Modified
Jan 17, 2025 (9 months ago)
Security Weaknesses2
CWE-416
Available exploits (1)
References3
NVDadvisoryadvisory