CVERadar

CVE-2024-30040

Medium Severity
Microsoft
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.13227/1

CVE-2024-30040 is a Windows MSHTML Platform Security Feature Bypass Vulnerability that could allow attackers to bypass security features. Although it has a CVSS score of 0, this vulnerability has been actively exploited in the wild. SOCRadar's Vulnerability Risk Score (SVRS) is 30, indicating a moderate level of risk, but the "In The Wild" and "Exploit Available" tags should raise concern. Successful exploitation could lead to unauthorized access and control over affected systems. Organizations should review the vendor advisory and apply available patches. Even though the SVRS is relatively low, the active exploitation and CISA KEV status mean that the vulnerability should be monitored carefully because of the potential damage. Addressing this vulnerability is crucial to mitigate the risk of exploitation.

In The Wild
Exploit Available
CISA KEV
Vendor-advisory
2024-05-14

2025-01-28

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability | https://www.cisa.gov/search?g=CVE-2024-30040 | 2024-05-14

News

CVE-2024-30040 | Microsoft Windows up to Server 2022 23H2 MSHTML input validation
vuldb.com, 2025-03-30
A vulnerability was found in Microsoft Windows. It has been classified as very critical. This affects an unknown part of the component MSHTML. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-30040. It is possible to initiate the attack remotely. Furthermore, there is an

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days - The Hacker News
google.com, 2024-05-15
Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May 2024, including two zero-days which have been actively exploited in the wild. Of the 61 flaws, one is rated Critical, 59 are rated Important, and one is rated Moderate in severity. This is in addition to 30 vulnerabilities resolved in the Chromium-based Edge browser over the past month, including two recently disclosed zero-days (CVE-2024-4671 and CVE-2024-4761

Microsoft October update patches two zero-day vulnerabilities it says are being actively exploited - CSO Online
google.com, 2024-10-09
Patch Tuesday update addresses five zero days, with eight other vulnerabilities likely to be exploited within weeks. The drama of Patch Tuesday often revolves around zero days, which in October’s haul of 117 vulnerabilities brings patch managers a total of five that have been publicly disclosed. Of those, Microsoft said that two are being actively exploited. The first is CVE-2024-43573, intriguingly a spoofing flaw in the Windows MSHTML component. If this doesn’t ring any bells, MSHTML

Microsoft fixes three zero-day vulnerabilities, two actively exploited - CSO Online
google.com, 2024-05-15
The company’s Patch Tuesday includes fixes for flaws in Windows Desktop Window Manager, Windows MSHTML, and Visual Studio, among others, that IT security orgs should prioritize. Microsoft released its monthly batch of security fixes on Tuesday, which included patches for three vulnerabilities that already had exploits available. Two of those vulnerabilities are being actively exploited, with one being used by multiple groups to deliver malware, including the QakBot trojan. Microsoft’s updates addressed 61 vulnerabilities across its products, but only one was

Microsoft Patches Zero-Day Vulnerability Exploited to Deliver QakBot and Other Malware - HIPAA Journal
google.com, 2024-05-16
Microsoft has released a patch to fix a zero-day Windows vulnerability – CVE-2024-30051 – exploited in attacks delivering QakBot malware. Healthcare organizations should prioritize this patch as QakBot has been used in many attacks on the healthcare sector. QakBot, aka QBot, was first identified in 2008 and was initially a banking trojan that was used to steal banking information and credentials. The malware has evolved over the years into a malware delivery service, with the operators acting as an initial access broker, selling

20th May – Threat Intelligence Report
hagarb, 2024-05-20
For the latest discoveries in cyber research for the week of 20th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Australian electronic prescriptions provider MediSecure suffered a significant ransomware attack, leading to widespread disruptions and data breaches. The impact of the attack has been profound, broadly affecting healthcare data broadly in the country. […] The post 20th May – Threat Intelligence Report appeared first on Check Point Research
Tagged CVEs: CVE-2024-30046, CVE-2024-22267, CVE-2024-30051, CVE-2024-30040

Patch Tuesday, May 2024 Edition
BrianKrebs, 2024-05-14
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.
Tagged CVEs: CVE-2024-30051, CVE-2024-30044, CVE-2024-30040

Social Media

📱 CVE-2024-30040: Flaw in Microsoft 365 and Office allows code execution if a user opens a malicious document. How to protect yourself: avoid opening files from unknown sources and keep software updated. #Office #Security
CVE-2024-30040 - Windows MSHTML Platform - Severity Rating: 8.8 (High)
🚨 CVE-2024-30040: Security bypass in Windows MSHTML. Exploited via social engineering, with a CVSSv3 score of 8.8 (BleepingComputer). #SegurançaCibernética #Vulnerabilidade
#Microsoft rolled out 62 updates on #PatchTuesday this week, including three #zeroday vulnerabilities (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040), forcing immediate patch deployment recommendations for Windows desktops. https://t.co/KhsabzS18B
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) https://t.co/5hXqnUhalq https://t.co/UJ5OJzCfzX
Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040) https://t.co/St1GpRmQPr https://t.co/XpW7BTISCw
The following CVEs are being actively targeted: CVE-2024-3400, CVE-2023-27997, CVE-2024-30040, CVE-2024-21412, CVE-2024-3094, CVE-2024-21338, CVE-2024-4854, CVE-2024-4761, CVE-2024-21793, CVE-2024-26026, CVE-2023-46805, CVE-2024-20358,
How Microsoft fixes three zero-day vulnerabilities, two of which are being actively exploited https://t.co/8Rx4lwMhXy #Microsoft zero-day #CVE-2024-30044 #CVE-2024-30051 #CVE-2024-30040 #Microsoft Patch Tuesday #Trending #Tech #Nieuws
Microsoft patched 61 security flaws in its May 2024 updates, including two zero-days actively exploited. One critical, 59 important, and one moderate vulnerability were fixed, along with 30 in the Chromium-based Edge browser. Exploited flaws include CVE-2024-30040, CVE-2024-30051. https://t.co/nN9uQmSS6r
Microsoft - CVE-2024-30040 https://t.co/5JIbyxuWfC

Affected Software

Configuration 1
Type | Vendor | Product
OS | Microsoft | windows_10_1507
OS | Microsoft | windows_10_1809
OS | Microsoft | windows_11_21h2
OS | Microsoft | windows_10_1607
OS | Microsoft | windows_10_21h2
OS | Microsoft | windows_10_22h2
OS | Microsoft | windows_server_2022
OS | Microsoft | windows_11_22h2
OS | Microsoft | windows_server_2019
OS | Microsoft | windows_server_2022_23h2
OS | Microsoft | windows_server_2016
OS | Microsoft | windows_11_23h2

References

Reference | Link
[email protected] | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040
WINDOWS MSHTML PLATFORM SECURITY FEATURE BYPASS VULNERABILITY | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040
AF854A3A-2127-422B-91AE-364DA2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040
[email protected] | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040

CWE Details

CWE ID | CWE Name | Description
CWE-20 | Improper Input Validation | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-203 | Observable Discrepancy | The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
