9.1
CRITICAL
CVE-2024-38200
Microsoft Office Elevation of Privilege
Description

Microsoft Office Spoofing Vulnerability

INFO

Published Date :

Aug. 12, 2024, 1:38 p.m.

Last Modified :

Aug. 13, 2024, 6:15 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.2

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2024-38200 has a 3 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-38200 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Microsoft office
2 Microsoft 365_apps
3 Microsoft office_long_term_servicing_channel
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-38200.

URL Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

PoC on how Office 365 handles some files.

assembler assembly-language exploit exploitation javascript logic poc 2024 hacktoberfest hacktoberfest-accepted

Assembly JavaScript

Updated: 2 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Oct. 2, 2024, 9:05 p.m. This repo has been linked 1 different CVEs too.

CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability

HTML Python

Updated: 1 month ago
129 stars 25 fork 25 watcher
Born at : Sept. 24, 2024, 7:24 p.m. This repo has been linked 1 different CVEs too.

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

security cve exploit poc vulnerability

Updated: 2 weeks, 1 day ago
6566 stars 1140 fork 1140 watcher
Born at : Dec. 8, 2019, 1:03 p.m. This repo has been linked 958 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-38200 vulnerability anywhere in the article.

  • Cybersecurity News
PythonRatLoader: The Malware Loader That’s Turning Phishing Into a Multi-Stage Attack

Attack Flow | Image: CofenseA recent report by Adam Martin and Kian Buckley Maher from the Cofense Phishing Defense Center (PDC) has revealed a sophisticated malware loader, PythonRatLoader, that is b ... Read more

Published Date: Nov 02, 2024 (1 month, 2 weeks ago)
  • Cybersecurity News
Chrome Patches Multi Vulnerabilities in Latest Stable Release

Google has rolled out a crucial update to its Chrome browser, addressing three high-severity security flaws that could be exploited by attackers. The update, versions 130.0.6723.69/.70 for Windows and ... Read more

Published Date: Oct 23, 2024 (1 month, 4 weeks ago)
  • Cybersecurity News
HORUS Protector: The New Undetectable Malware Crypter Threatening Cybersecurity

In a recent discovery by the SonicWall Capture Labs threat research team, a new malware crypter known as “HORUS Protector” has emerged, presenting a significant threat to cybersecurity defenses. This ... Read more

Published Date: Oct 18, 2024 (2 months ago)
  • TheCyberThrone
Cisco reveals no patch available for CVE-2024-20393 and CVE-2024-20470

Cisco  has revealed multiple vulnerabilities impacting its Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which could potentially expose businesses to serious security r ... Read more

Published Date: Oct 07, 2024 (2 months, 2 weeks ago)
  • TheCyberThrone
Apple fixes critical bugs in iOS 18

If you have any Apple devices running iOS 18, then make sure they have the latest patches installed.Apple has released an urgent iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respec ... Read more

Published Date: Oct 06, 2024 (2 months, 2 weeks ago)
  • TheCyberThrone
PoC for Microsoft Office Zeroday CVE-2024-38200 released

Security researcher Metin Yunus Kandemir have released the technical details and a PoC exploit that reveals a critical information disclosure flaw in Microsoft Office. This vulnerability, which affect ... Read more

Published Date: Oct 05, 2024 (2 months, 2 weeks ago)
  • The Cyber Express
The Week’s Top Vulnerabilities: Cyble Urges Fixes for NVIDIA, Adobe, CUPS

Cyble researchers had a busy week, investigating 19 vulnerabilities in the week ended Oct.1 and flagging eight of them as high priority. Cyble’s weekly IT vulnerability report also noted that research ... Read more

Published Date: Oct 04, 2024 (2 months, 2 weeks ago)
  • Cybersecurity News
Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

PDF containing a Dropbox URL | Image: Proofpoint Cybersecurity researchers at Proofpoint have uncovered a new phishing campaign that impersonates the British postal service, Royal Mail, to distribute ... Read more

Published Date: Oct 04, 2024 (2 months, 2 weeks ago)
  • Cybersecurity News
0-Day Flaw CVE-2024-38200 in Microsoft Office Exposes NTLMv2 Hashes: PoC Exploit Released

A discovered zero-day vulnerability is putting Microsoft Office users at risk. Security researcher Metin Yunus Kandemir recently published the technical details and a proof-of-concept (PoC) exploit th ... Read more

Published Date: Oct 03, 2024 (2 months, 2 weeks ago)
  • Cybersecurity News
Earth Preta’s Cyber Arsenal Expands: New Malware and Strategies Target APAC Governments

A new report from Trend Micro has revealed that Earth Preta, the notorious cyber espionage group, has significantly evolved its tactics and malware arsenal, posing a heightened threat to government en ... Read more

Published Date: Sep 11, 2024 (3 months, 1 week ago)
  • Cybersecurity News
CVE-2024-8517: Critical SPIP Flaw Leaves Websites Vulnerable to Remote Attacks, PoC Published

The popular open-source content management system (CMS), SPIP, is facing a critical security vulnerability that could allow unauthenticated attackers to execute malicious code on affected servers. The ... Read more

Published Date: Sep 11, 2024 (3 months, 1 week ago)
  • Cybersecurity News
HAProxy Vulnerability CVE-2024-45506 Under Active Exploit: Urgent Patching Required

In the latest security advisory, HAProxy revealed that CVE-2024-45506, a vulnerability in its popular load balancing and proxy software, is now actively exploited. The vulnerability, which has a CVSS ... Read more

Published Date: Sep 09, 2024 (3 months, 1 week ago)
  • europa.eu
Cyber Brief 24-09 - August 2024

Cyber Brief (August 2024)September 4, 2024 - Version: 1.0TLP:CLEARExecutive summaryWe analysed 249 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, in Europe, th ... Read more

Published Date: Sep 04, 2024 (3 months, 2 weeks ago)
  • tripwire.com
Tripwire Patch Priority Index for August 2024

Tripwire's August 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Adobe and Google.First on the list are patches for Microsoft Edge and Google Chromium that re ... Read more

Published Date: Sep 02, 2024 (3 months, 2 weeks ago)
  • Cybersecurity News
PoC Exploit Released for Arbitrary File Write Flaw (CVE-2024-22263) in Spring Cloud Data Flow

Security researcher Zeyad Azima from SecureLayer7 published the proof-of-concept exploit for arbitrary file write vulnerability (CVE-2024-22263) in Spring Cloud Data Flow, a widely-used tool for cloud ... Read more

Published Date: Aug 28, 2024 (3 months, 3 weeks ago)
  • Cybersecurity News
CVE-2024-31214 & CVE-2024-24809: Traccar Users Urged to Update Immediately

Image: Horizon3Please enable JavaScriptTwo critical vulnerabilities have been discovered in the popular GPS tracking system Traccar, which is used for both personal and corporate applications. The vul ... Read more

Published Date: Aug 27, 2024 (3 months, 3 weeks ago)
  • Cybersecurity News
PoC Exploit Released for RCE 0-day CVE-2024-41992 in Arcadyan FMIMG51AX000J Model

A critical vulnerability, identified as CVE-2024-41992, has been discovered in the Arcadyan FMIMG51AX000J model, and potentially other WiFi Alliance-affiliated devices using the same firmware version ... Read more

Published Date: Aug 22, 2024 (3 months, 4 weeks ago)
  • Help Net Security
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day v ... Read more

Published Date: Aug 18, 2024 (4 months ago)
  • Cybersecurity News
Cybercriminals Evolve Social Engineering Tactics, Exploit CVE-2022-26923 in Sophisticated Campaign

Credential harvester prompt spawned by `AntiSpam.exe | Image: Rapid7 Recently, cybersecurity firm Rapid7 identified a series of sophisticated intrusion attempts linked to an ongoing social engineering ... Read more

Published Date: Aug 17, 2024 (4 months ago)
  • security.nl
Microsoft dicht zes actief misbruikte kwetsbaarheden in Office en Windows

Tijdens de patchdinsdag van augustus heeft Microsoft zes kwetsbaarheden in Office en Windows verholpen die actief zijn misbruikt voordat de updates beschikbaar waren. Drie van de beveiligingslekken ma ... Read more

Published Date: Aug 14, 2024 (4 months, 1 week ago)
  • The Cyber Express
Microsoft Tackles 9 Zero-Day Exploits in August 2024 Patch Tuesday Update

Microsoft has released its August 2024 Patch Tuesday update, addressing multiple vulnerabilities across its software ecosystem. This month’s update features fixes for a total of 90 vulnerabilities, in ... Read more

Published Date: Aug 14, 2024 (4 months, 1 week ago)
  • The Hacker News
Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits

Windows Security / Vulnerability Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of th ... Read more

Published Date: Aug 14, 2024 (4 months, 1 week ago)
  • TheCyberThrone
Microsoft Patch Tuesday-August 2024

Microsoft patched 90 CVEs in its August 2024 Patch Tuesday release, with seven rated critical, 82 rated as important, and one rated as moderate.This includes updates for vulnerabilities in Microsoft O ... Read more

Published Date: Aug 14, 2024 (4 months, 1 week ago)
  • Cybersecurity News
CISA & Microsoft Warn of 6 Actively Exploited Zero-Day Vulnerabilities

Microsoft’s August 2024 Patch Tuesday release addresses 88 vulnerabilities, including seven critical flaws and 10 zero-day vulnerabilities. Among these, six are currently being actively exploited in t ... Read more

Published Date: Aug 14, 2024 (4 months, 1 week ago)
  • The Register
Patch Tuesday brings 90 new Microsoft CVEs, six already under exploit

Patch Tuesday Microsoft has disclosed 90 flaws in its products – six of which have already been exploited – and four others that are listed as publicly known. There's another dozen in the list from th ... Read more

Published Date: Aug 14, 2024 (4 months, 1 week ago)
  • tripwire.com
VERT Threat Alert: August 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed.CVE ... Read more

Published Date: Aug 13, 2024 (4 months, 1 week ago)
  • Help Net Security
Microsoft fixes 6 zero-days under active attack

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under ... Read more

Published Date: Aug 13, 2024 (4 months, 1 week ago)
  • BleepingComputer
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited

Today is Microsoft's August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an ... Read more

Published Date: Aug 13, 2024 (4 months, 1 week ago)
  • TheCyberThrone
FreeBSD Project fixes Critical Vulnerability CVE-2024-7589

The FreeBSD Project disclosed a critical vulnerability in OpenSSH, could allow a determined attacker to execute arbitrary code remotely with root privileges, potentially compromising the entire system ... Read more

Published Date: Aug 12, 2024 (4 months, 1 week ago)
  • Help Net Security
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and req ... Read more

Published Date: Aug 12, 2024 (4 months, 1 week ago)
  • security.nl
Microsoft waarschuwt voor Office-lek dat aanvaller NTLM-hashes laat stelen

Microsoft waarschuwt voor een spoofing-kwetsbaarheid in Microsoft Office 2016, 2019, LTSC 2021 en Microsoft 365 Apps for Enterprise waardoor een aanvaller NTLM-hashes van gebruikers kan stelen. Een be ... Read more

Published Date: Aug 12, 2024 (4 months, 1 week ago)
  • Cybersecurity News
CVE-2024-38200: Zero-Day Vulnerability in Microsoft Office: A Call for Urgent Action

In a recent advisory published on August 8th, Microsoft disclosed a high-severity zero-day vulnerability affecting multiple versions of its Office software suite. The vulnerability tracked as CVE-2024 ... Read more

Published Date: Aug 11, 2024 (4 months, 1 week ago)
  • TheCyberThrone
TheCyberThrone Security Week In Review – August 10, 2024

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, August 10, 2024.Google Fixes Android Zero ... Read more

Published Date: Aug 11, 2024 (4 months, 1 week ago)
  • TheCyberThrone
AMD Chips get haunted by decade old bug

Researchers have published a report on an older vulnerability in AMD processors that could potentially allow an attacker to disable critical memory protections in the Ryzen and Epyc CPU lines, potenti ... Read more

Published Date: Aug 10, 2024 (4 months, 1 week ago)
  • Cyber Security News
Microsoft Office Spoofing Vulnerability Let Attackers Steal Sensitive Data

Microsoft has disclosed a significant security vulnerability in its Office suite, identified as CVE-2024-38200, which could potentially allow attackers to access sensitive information. This spoofing v ... Read more

Published Date: Aug 10, 2024 (4 months, 1 week ago)
  • TheCyberThrone
Microsoft Office Zeorday CVE-2024-38200

Microsoft has disclosed the details of an unpatched zero-day in office that could result in unauthorized disclosure of sensitive information to malicious actors.The vulnerability, tracked as CVE-2024- ... Read more

Published Date: Aug 10, 2024 (4 months, 1 week ago)
  • The Hacker News
Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Vulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicio ... Read more

Published Date: Aug 10, 2024 (4 months, 1 week ago)
  • BleepingComputer
Microsoft discloses unpatched Office flaw that exposes NTLM hashes

Update with further information from Microsoft.​ Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. Tracked as CVE-2024-382 ... Read more

Published Date: Aug 09, 2024 (4 months, 1 week ago)
  • BleepingComputer
Microsoft discloses Office zero-day, still working on a patch

​Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. Tracked as CVE-2024-38200, this security flaw is caused by an infor ... Read more

Published Date: Aug 09, 2024 (4 months, 1 week ago)

The following table lists the changes that have been made to the CVE-2024-38200 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Aug. 13, 2024

    Action Type Old Value New Value
    Removed CVSS V3.1 Microsoft Corporation AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    Added CVSS V3.1 Microsoft Corporation AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  • Initial Analysis by [email protected]

    Aug. 13, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    Changed Reference Type https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 No Types Assigned https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 Patch, Vendor Advisory
    Added CWE NIST NVD-CWE-noinfo
    Added CPE Configuration OR *cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:* *cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:* *cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:* *cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:* *cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:* *cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:* *cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:* *cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*
  • CVE Received by [email protected]

    Aug. 12, 2024

    Action Type Old Value New Value
    Added Description Microsoft Office Spoofing Vulnerability
    Added Reference Microsoft Corporation https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 [No types assigned]
    Added CWE Microsoft Corporation CWE-200
    Added CVSS V3.1 Microsoft Corporation AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-38200 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-38200 weaknesses.

CAPEC-13: Subverting Environment Variable Values Subverting Environment Variable Values CAPEC-22: Exploiting Trust in Client Exploiting Trust in Client CAPEC-59: Session Credential Falsification through Prediction Session Credential Falsification through Prediction CAPEC-60: Reusing Session IDs (aka Session Replay) Reusing Session IDs (aka Session Replay) CAPEC-79: Using Slashes in Alternate Encoding Using Slashes in Alternate Encoding CAPEC-116: Excavation Excavation CAPEC-169: Footprinting Footprinting CAPEC-224: Fingerprinting Fingerprinting CAPEC-285: ICMP Echo Request Ping ICMP Echo Request Ping CAPEC-287: TCP SYN Scan TCP SYN Scan CAPEC-290: Enumerate Mail Exchange (MX) Records Enumerate Mail Exchange (MX) Records CAPEC-291: DNS Zone Transfers DNS Zone Transfers CAPEC-292: Host Discovery Host Discovery CAPEC-293: Traceroute Route Enumeration Traceroute Route Enumeration CAPEC-294: ICMP Address Mask Request ICMP Address Mask Request CAPEC-295: Timestamp Request Timestamp Request CAPEC-296: ICMP Information Request ICMP Information Request CAPEC-297: TCP ACK Ping TCP ACK Ping CAPEC-298: UDP Ping UDP Ping CAPEC-299: TCP SYN Ping TCP SYN Ping CAPEC-300: Port Scanning Port Scanning CAPEC-301: TCP Connect Scan TCP Connect Scan CAPEC-302: TCP FIN Scan TCP FIN Scan CAPEC-303: TCP Xmas Scan TCP Xmas Scan CAPEC-304: TCP Null Scan TCP Null Scan CAPEC-305: TCP ACK Scan TCP ACK Scan CAPEC-306: TCP Window Scan TCP Window Scan CAPEC-307: TCP RPC Scan TCP RPC Scan CAPEC-308: UDP Scan UDP Scan CAPEC-309: Network Topology Mapping Network Topology Mapping CAPEC-310: Scanning for Vulnerable Software Scanning for Vulnerable Software CAPEC-312: Active OS Fingerprinting Active OS Fingerprinting CAPEC-313: Passive OS Fingerprinting Passive OS Fingerprinting CAPEC-317: IP ID Sequencing Probe IP ID Sequencing Probe CAPEC-318: IP 'ID' Echoed Byte-Order Probe IP 'ID' Echoed Byte-Order Probe CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe IP (DF) 'Don't Fragment Bit' Echoing Probe CAPEC-320: TCP Timestamp Probe TCP Timestamp Probe CAPEC-321: TCP Sequence Number Probe TCP Sequence Number Probe CAPEC-322: TCP (ISN) Greatest Common Divisor Probe TCP (ISN) Greatest Common Divisor Probe CAPEC-323: TCP (ISN) Counter Rate Probe TCP (ISN) Counter Rate Probe CAPEC-324: TCP (ISN) Sequence Predictability Probe TCP (ISN) Sequence Predictability Probe CAPEC-325: TCP Congestion Control Flag (ECN) Probe TCP Congestion Control Flag (ECN) Probe CAPEC-326: TCP Initial Window Size Probe TCP Initial Window Size Probe CAPEC-327: TCP Options Probe TCP Options Probe CAPEC-328: TCP 'RST' Flag Checksum Probe TCP 'RST' Flag Checksum Probe CAPEC-329: ICMP Error Message Quoting Probe ICMP Error Message Quoting Probe CAPEC-330: ICMP Error Message Echoing Integrity Probe ICMP Error Message Echoing Integrity Probe CAPEC-472: Browser Fingerprinting Browser Fingerprinting CAPEC-497: File Discovery File Discovery CAPEC-508: Shoulder Surfing Shoulder Surfing CAPEC-573: Process Footprinting Process Footprinting CAPEC-574: Services Footprinting Services Footprinting CAPEC-575: Account Footprinting Account Footprinting CAPEC-576: Group Permission Footprinting Group Permission Footprinting CAPEC-577: Owner Footprinting Owner Footprinting CAPEC-616: Establish Rogue Location Establish Rogue Location CAPEC-643: Identify Shared Files/Directories on System Identify Shared Files/Directories on System CAPEC-646: Peripheral Footprinting Peripheral Footprinting CAPEC-651: Eavesdropping Eavesdropping
CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability