PT-2024-3008 · Microsoft+1 · Visual Studio+3

Wh1Tc

Published

2024-04-09

Updated

2025-09-04

CVE-2024-21409

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions .NET Framework versions (affected versions not specified) .NET versions (affected versions not specified) Visual Studio versions (affected versions not specified)

Description The issue is related to the use of memory after it has been freed, which can allow an attacker to execute arbitrary code. This can affect the system and potentially lead to remote code execution.

Recommendations For .NET Framework, update to a version that includes a fix for this issue. For .NET, update to a version that includes a fix for this issue. For Visual Studio, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2024-12834

ALT-PU-2024-12835

ALT-PU-2024-12836

ALT-PU-2024-12837

ALT-PU-2024-13115

ALT-PU-2024-13117

ALT-PU-2024-13118

ALT-PU-2024-13119

ALT-PU-2024-16742

ALT-PU-2024-16744

ALT-PU-2024-16792

ALT-PU-2024-16794

ALT-PU-2024-16796

ALT-PU-2024-16799

ALT-PU-2024-16800

ALT-PU-2024-16939

BDU:2024-03190

BIT-DOTNET-2024-21409

BIT-DOTNET-SDK-2024-21409

BIT-POWERSHELL-2024-21409

CVE-2024-21409

GHSA-6QMX-42H2-J8H6

Affected Products

.Net Framework

Alt Linux

Net

Visual Studio

PT-2024-3008 · Microsoft+1 · Visual Studio+3

CVE-2024-21409

Weakness Enumeration

Related Identifiers

Affected Products

References · 20