Login Sign Up

CVE-2024-0057

9.1 CRITICAL

📋 TL;DR

This vulnerability allows attackers to bypass security features in .NET, .NET Framework, and Visual Studio, potentially enabling unauthorized access or privilege escalation. It affects systems running vulnerable versions of these Microsoft products, particularly those exposed to untrusted input or network traffic.

💻 Affected Systems

Products:
  • .NET
  • .NET Framework
  • Visual Studio
Versions: Specific versions as per Microsoft advisory; typically includes recent releases prior to patched versions.
Operating Systems: Windows, Linux, macOS (for .NET Core/5+)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects default installations; severity may vary based on application usage and security configurations.

📦 What is this software?

.net by Microsoft

View all CVEs affecting .net →

.net by Microsoft

View all CVEs affecting .net →

.net by Microsoft

View all CVEs affecting .net →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

.net Framework by Microsoft

View all CVEs affecting .net Framework →

Powershell by Microsoft

View all CVEs affecting Powershell →

Powershell by Microsoft

View all CVEs affecting Powershell →

Powershell by Microsoft

View all CVEs affecting Powershell →

Visual Studio 2022 by Microsoft

View all CVEs affecting Visual Studio 2022 →

Visual Studio 2022 by Microsoft

View all CVEs affecting Visual Studio 2022 →

Visual Studio 2022 by Microsoft

View all CVEs affecting Visual Studio 2022 →

Visual Studio 2022 by Microsoft

View all CVEs affecting Visual Studio 2022 →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise via remote code execution or privilege escalation, leading to data theft, ransomware deployment, or lateral movement across networks.

🟠

Likely Case

Security feature bypass allowing unauthorized access to sensitive data or functionality, such as authentication bypass or tampering with application logic.

🟢

If Mitigated

Limited impact with proper network segmentation, least privilege, and monitoring, potentially reduced to denial-of-service or minor data exposure.

🌐 Internet-Facing: HIGH, as internet-facing applications using affected .NET components could be directly exploited by remote attackers.
🏢 Internal Only: MEDIUM, as internal systems may be targeted via phishing or lateral movement, but require initial access or insider threats.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation likely involves crafted input to bypass security checks; no public proof-of-concept confirmed yet.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Microsoft Security Update Guide for specific versions (e.g., .NET 8.0.2, .NET Framework updates).

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057

Restart Required: Yes

Instructions:

1. Apply updates via Windows Update or manual download from Microsoft Update Catalog. 2. For .NET Core/5+, update runtime and SDK via package managers. 3. Restart affected systems and applications.

🔧 Temporary Workarounds

Disable vulnerable features if possible

all

Temporarily disable or restrict affected .NET security features until patching.

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable systems from untrusted networks.
  • Enforce strict input validation and use web application firewalls (WAFs) to block malicious traffic.

🔍 How to Verify

Check if Vulnerable:

Check installed .NET versions using 'dotnet --info' or Windows Registry for .NET Framework; compare with patched versions in advisory.

Check Version:

On Windows: 'reg query "HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP" /s' for .NET Framework; on all: 'dotnet --list-runtimes' and 'dotnet --list-sdks'.

Verify Fix Applied:

Verify version after update matches patched release; test security features for functionality.

📡 Detection & Monitoring

Log Indicators:

  • Unusual authentication failures, security feature bypass logs in application or system logs.

Network Indicators:

  • Anomalous HTTP requests targeting .NET endpoints, spikes in traffic to vulnerable services.

SIEM Query:

Example: 'source="*.log" AND ("security bypass" OR "CVE-2024-0057")'

📊 Metadata

CVE ID: CVE-2024-0057
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE: CWE-20
Published: January 9, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-0057, you might also want to check these:

CVE-2022-47190 10.0

CVE-2022-47190 allows remote attackers to upload malicious firmware containing a webshell to Generex...

Same vulnerability type (CWE-20)
CVE-2024-3400 10.0

CVE-2024-3400 is a critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProte...

Same vulnerability type (CWE-20)
CVE-2023-42802 10.0

This critical vulnerability in GLPI allows attackers to upload malicious PHP files to unauthorized d...

Same vulnerability type (CWE-20)