CVE-2024-38189
Known Exploited Vulnerability Entry CISA
Entry Details
Confirmed Exploited2024-08-13 00:00 UTC
Timestamps
2024-08-13
2024-08-13
Scope
KEV entry: Microsoft Project Remote Code Execution Vulnerability | Affected: Microsoft / Project | Description: Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-09-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38189; https://nvd.nist.gov/vuln/detail/CVE-2024-38189
References
- {'id': 'CVE-2024-38189', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-38189'}
7a63523c-8f5f-4a5d-b2cc-27cea4a64050
CISA
405284c2-e461-4670-8979-7fd2c9755a60
2026-02-02 12:26 UTC
2026-02-06 07:17 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| vendor_report | cisa-kev | successful_exploitation | 0.80 |
View details
|
- |