CVE-2021-24112 Report - Details, Severity, & Advisories
Twingate Team
•
Jun 28, 2024
What is CVE-2021-24112?
CVE-2021-24112 is a critical remote code execution vulnerability affecting .NET Core, Microsoft .NET, Microsoft Mono, and Microsoft Visual Studio 2019. With a severity score of 9.8 (NIST) and 8.1 (Microsoft), this vulnerability poses a significant risk, especially to non-Windows systems. The issue arises when a .NET application using libgdiplus on a non-Windows system accepts input. It is crucial to address this vulnerability to protect systems and data.
Who is impacted by CVE-2021-24112?
CVE-2021-24112 affects users of Microsoft .NET, .NET Core, Mono, and Visual Studio 2019 on macOS. Impacted versions include .NET 5.0 up to 5.0.2, .NET Core 2.1 up to 2.1.24 and 3.1 up to 3.1.11, Mono 6.12.0 up to 6.12.0.122, and all versions of Visual Studio 2019 on macOS. This vulnerability is particularly critical for non-Windows systems.
What to do if CVE-2021-24112 affected you
If you're affected by the CVE-2021-24112 vulnerability, it's important to take action to protect your systems. Follow these simple steps:
Update .NET 5.0 to the latest version
Update .NET Core 3.1 and 2.1 to the latest versions
Update Mono 6.12.0 to the latest version
Update Visual Studio 2019 for Mac to the latest version
By updating your software, you can help safeguard your systems against potential remote code execution attacks.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2021-24112 vulnerability, also known as .NET Core Remote Code Execution Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was published on February 25, 2021.
Weakness Enumeration
The weakness enumeration for this vulnerability is "Insufficient Information," indicating a lack of specific details about the vulnerability and its mitigation.
Learn More
To protect your systems, it's crucial to update the affected software and stay informed about the latest developments. For more information, visit the NVD page or refer to the sources below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2021-24112 Report - Details, Severity, & Advisories
Twingate Team
•
Jun 28, 2024
What is CVE-2021-24112?
CVE-2021-24112 is a critical remote code execution vulnerability affecting .NET Core, Microsoft .NET, Microsoft Mono, and Microsoft Visual Studio 2019. With a severity score of 9.8 (NIST) and 8.1 (Microsoft), this vulnerability poses a significant risk, especially to non-Windows systems. The issue arises when a .NET application using libgdiplus on a non-Windows system accepts input. It is crucial to address this vulnerability to protect systems and data.
Who is impacted by CVE-2021-24112?
CVE-2021-24112 affects users of Microsoft .NET, .NET Core, Mono, and Visual Studio 2019 on macOS. Impacted versions include .NET 5.0 up to 5.0.2, .NET Core 2.1 up to 2.1.24 and 3.1 up to 3.1.11, Mono 6.12.0 up to 6.12.0.122, and all versions of Visual Studio 2019 on macOS. This vulnerability is particularly critical for non-Windows systems.
What to do if CVE-2021-24112 affected you
If you're affected by the CVE-2021-24112 vulnerability, it's important to take action to protect your systems. Follow these simple steps:
Update .NET 5.0 to the latest version
Update .NET Core 3.1 and 2.1 to the latest versions
Update Mono 6.12.0 to the latest version
Update Visual Studio 2019 for Mac to the latest version
By updating your software, you can help safeguard your systems against potential remote code execution attacks.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2021-24112 vulnerability, also known as .NET Core Remote Code Execution Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was published on February 25, 2021.
Weakness Enumeration
The weakness enumeration for this vulnerability is "Insufficient Information," indicating a lack of specific details about the vulnerability and its mitigation.
Learn More
To protect your systems, it's crucial to update the affected software and stay informed about the latest developments. For more information, visit the NVD page or refer to the sources below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2021-24112 Report - Details, Severity, & Advisories
Twingate Team
•
Jun 28, 2024
What is CVE-2021-24112?
CVE-2021-24112 is a critical remote code execution vulnerability affecting .NET Core, Microsoft .NET, Microsoft Mono, and Microsoft Visual Studio 2019. With a severity score of 9.8 (NIST) and 8.1 (Microsoft), this vulnerability poses a significant risk, especially to non-Windows systems. The issue arises when a .NET application using libgdiplus on a non-Windows system accepts input. It is crucial to address this vulnerability to protect systems and data.
Who is impacted by CVE-2021-24112?
CVE-2021-24112 affects users of Microsoft .NET, .NET Core, Mono, and Visual Studio 2019 on macOS. Impacted versions include .NET 5.0 up to 5.0.2, .NET Core 2.1 up to 2.1.24 and 3.1 up to 3.1.11, Mono 6.12.0 up to 6.12.0.122, and all versions of Visual Studio 2019 on macOS. This vulnerability is particularly critical for non-Windows systems.
What to do if CVE-2021-24112 affected you
If you're affected by the CVE-2021-24112 vulnerability, it's important to take action to protect your systems. Follow these simple steps:
Update .NET 5.0 to the latest version
Update .NET Core 3.1 and 2.1 to the latest versions
Update Mono 6.12.0 to the latest version
Update Visual Studio 2019 for Mac to the latest version
By updating your software, you can help safeguard your systems against potential remote code execution attacks.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2021-24112 vulnerability, also known as .NET Core Remote Code Execution Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was published on February 25, 2021.
Weakness Enumeration
The weakness enumeration for this vulnerability is "Insufficient Information," indicating a lack of specific details about the vulnerability and its mitigation.
Learn More
To protect your systems, it's crucial to update the affected software and stay informed about the latest developments. For more information, visit the NVD page or refer to the sources below.
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions