CVE-2024-41145

HIGH Year: 2024
CVSS v3 Score
7.1
High
Weakness Type
CWE-347
View all →

Vulnerability Description

A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

Related Vulnerabilities

CVE-2020-14365

HIGH
CVSS:7.1(High)

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during i...

CWE-3472020

CVE-2020-25166

HIGH
CVSS:7.1(High)

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allo...

CWE-3472020

CVE-2023-23431

HIGH
CVSS:7.1(High)

Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.

CWE-3472023

CVE-2023-23432

HIGH
CVSS:7.1(High)

Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.

CWE-3472023

CVE-2023-23433

HIGH
CVSS:7.1(High)

Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.

CWE-3472023

CVE-2023-23435

HIGH
CVSS:7.1(High)

Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file

CWE-3472023