{"uuid": "cae12b82-2f6b-4d19-8820-271c362caf42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49039", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3902", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49039\n\ud83c\udfe2 Vendor: Microsoft\n\ud83d\udda5\ufe0f Product: Windows\n\ud83d\udd39 Description: Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.\n\ud83d\udccf Published: 2024-11-12T00:00:00Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\n2. https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit\n3. https://api.msrc.microsoft.com/cvrf/2024-Nov?api-version=2020\n4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039\n5. https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-discovers-mozilla-and-windows-zero-day-zero-click-vulnerabilities-exploited-by-russia-aligned-romcom-apt-group/\n6. https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/\n7. https://picussecurity.com/hubfs/red-report-2025/Picus-RedReport-2025.pdf\n8. https://www.cyfirma.com/research/apt-quarterly-highlights-q4-2024/", "creation_timestamp": "2025-02-08T23:21:27.000000Z"}