CVE-2024-29059 - Microsoft .NET Framework Information Disclosure Vulnerability
Project:Microsoft
Product:.NET Framework
Date Added:2025-02-04Due Date:2025-02-25
Vulnerability Name
Microsoft .NET Framework Information Disclosure Vulnerability
Description
Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059
https://nvd.nist.gov/vuln/detail/CVE-2024-29059
Related News Articles
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacksFebruary 6, 2025
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25February 5, 2025