Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

ITS ADVISORY NUMBER:
2024-134

DATE(S) ISSUED:
12/10/2024

SUBJECT:
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

OVERVIEW:
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights

THREAT INTELLIGENCE:
There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEMS AFFECTED:

  • Adobe FrameMaker 2020 Release Update 7 and earlier
  • Adobe FrameMaker 2022 Release Update 5 and earlier
  • Adobe Substance 3D Painter 10.1.1 and earlier versions
  • Adobe Premiere Pro 25.0 and earlier versions
  • Adobe Premiere Pro 24.6.3 and earlier versions
  • Adobe Bridge 14.1.3 and earlier versions
  • Adobe Bridge 15.0 and earlier versions
  • Adobe Substance 3D Modeler 1.14.1 and earlier versions
  • Photoshop 2025 26.0 and earlier versions
  • Adobe Substance 3D Sampler 4.5.1 and earlier versions
  • Adobe Connect 12.6 and earlier versions
  • Adobe Connect 11.4.7 and earlier versions
  • Adobe PDFL Software Development Kit (SDK) PDFL SDK 21.0.0.5 and earlier versions
  • Adobe InDesign ID19.5 and earlier versions
  • Adobe InDesign ID18.5.4 and earlier versions
  • Adobe Animate 2023 23.0.8 and earlier versions
  • Adobe Animate 2024 24.0.5 and earlier versions
  • Adobe After Effects 24.6.2 and earlier versions
  • Adobe After Effects 25.0.1 and earlier versions
  • Illustrator 2025 29.0.0 and earlier versions
  • Illustrator 2024 28.7.2 and earlier versions
  • Adobe Media Encoder 24.6.3 and earlier versions
  • Adobe Media Encoder 25.0 and earlier versions
  • Acrobat DC 24.005.20307 and earlier versions continuous
  • Acrobat Reader DC 24.005.20307 and earlier versions continuous
  • Acrobat 2024 24.001.30213 and earlier versions (Windows) classic 2024
  • Acrobat 2024 24.001.30193 and earlier versions (MacOS) classic 2024
  • Acrobat 2020 20.005.30730 and earlier versions (Windows) classic 2020
  • Acrobat 2020 20.005.30710 and earlier versions (MacOS) classic 2020
  • Acrobat Reader 2020 20.005.30730 and earlier versions (Windows) classic 2020
  • Acrobat Reader 2020 20.005.30710 and earlier versions (MacOS) classic 2020
  • Adobe Experience Manager (AEM) AEM Cloud Service (CS)
  • Adobe Experience Manager (AEM) 6.5.21 and earlier versions

RISK:
Government:

  • Large and medium government entities: High
  • Small government entities: Medium

Businesses:

  • Large and medium business entities: High
  • Small business entities: Medium

Home users: Low

TECHNICAL SUMMARY:
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows

Tactic: Execution (TA0002)

Technique: Exploitation for Client Execution (T1203):

Adobe Experience Manager:

  • Improper Input Validation (CVE-2024-43711, CVE-2024-43755)
  • Cross-site Scripting (Stored XSS) (CVE-2024-43712, CVE-2024-53960, CVE-2024-43713, CVE-2024-43714, CVE-2024-43715, CVE-2024-43718, CVE-2024-43719, CVE-2024-43720, CVE-2024-43721, CVE-2024-43722, CVE-2024-43723, CVE-2024-43724, CVE-2024-43725, CVE-2024-43726, CVE-2024-43727, CVE-2024-43728, CVE-2024-43730, CVE-2024-43732, CVE-2024-43733, CVE-2024-43734, CVE-2024-43735, CVE-2024-43736, CVE-2024-43737, CVE-2024-43738, CVE-2024-43739, CVE-2024-43740, CVE-2024-43742, CVE-2024-43743, CVE-2024-43744, CVE-2024-43745, CVE-2024-43746, CVE-2024-43747, CVE-2024-43748, CVE-2024-43749, CVE-2024-43750, CVE-2024-43751, CVE-2024-43752, CVE-2024-43754, CVE-2024-52991, CVE-2024-52992, CVE-2024-52993, CVE-2024-52816, CVE-2024-52817, CVE-2024-52818, CVE-2024-52822, CVE-2024-52823, CVE-2024-52824, CVE-2024-52825, CVE-2024-52826, CVE-2024-52827, CVE-2024-52828, CVE-2024-52829, CVE-2024-52830, CVE-2024-52831, CVE-2024-52832, CVE-2024-52834, CVE-2024-52835, CVE-2024-52836, CVE-2024-52837, CVE-2024-52838, CVE-2024-52839, CVE-2024-52840, CVE-2024-52841, CVE-2024-52842, CVE-2024-52843, CVE-2024-52844, CVE-2024-52845, CVE-2024-52846, CVE-2024-52847, CVE-2024-52848, CVE-2024-52849, CVE-2024-52850, CVE-2024-52851, CVE-2024-52852, CVE-2024-52853, CVE-2024-52854, CVE-2024-52855, CVE-2024-52857, CVE-2024-52858, CVE-2024-52859, CVE-2024-52860, CVE-2024-52861, CVE-2024-52862, CVE-2024-52864, CVE-2024-52865)
  • Improper Authorization (CVE-2024-43729, CVE-2024-43731)
  • Improper Access Control (CVE-2024-43716, CVE-2024-43717)

Adobe Acrobat and Reader:

  • Out-of-bounds Read (CVE-2024-47449)

Adobe After Effects:

  • Use After Free (CVE-2024-49530, CVE-2024-49535, CVE-2024-49531, CVE-2024-49532, CVE-2024-49533, CVE-2024-49534)

Adobe Media Encoder:

  • Out-of-bounds Write (CVE-2024-49551, CVE-2024-49553)
  • Heap-based Buffer Overflow (CVE-2024-49552)
  • NULL Pointer Dereference (CVE-2024-49554)

Adobe Illustrator:

  • Out-of-bounds Write (CVE-2024-49538, CVE-2024-49541)

Adobe After Effects:

  • Stack-based Buffer Overflow (CVE-2024-49537)

Adobe Animate:

  • Improper Input Validation (CVE-2024-52982)
  • Integer Overflow or Wraparound (CVE-2024-52983)
  • Integer Underflow (Wrap or Wraparound) (CVE-2024-52984, CVE-2024-52985, CVE-2024-52986, CVE-2024-52987, CVE-2024-52989, CVE-2024-53954)
  • Out-of-bounds Write (CVE-2024-52988)
  • Buffer Underwrite ('Buffer Underflow') (CVE-2024-52990)
  • Access of Uninitialized Pointer (CVE-2024-45155)
  • NULL Pointer Dereference (CVE-2024-45156)
  • Use After Free (CVE-2024-53953)

Adobe InDesign

  • Stack-based Buffer Overflow (CVE-2024-49543)
  • Out-of-bounds Write (CVE-2024-49544)
  • Heap-based Buffer Overflow (CVE-2024-49545)
  • Out-of-bounds Read (CVE-2024-49546, CVE-2024-49547, CVE-2024-49548, CVE-2024-49549, CVE-2024-53951)
  • NULL Pointer Dereference (CVE-2024-53952)

Adobe PDFL Software Development Kit (SDK)

  • Out-of-bounds Write (CVE-2024-49513)

Adobe Connect

  • Cross-site Scripting (Reflected XSS) (CVE-2024-54032, CVE-2024-54034, CVE-2024-54036, CVE-2024-54037, CVE-2024-54039, CVE-2024-49550, CVE-2024-54040, CVE-2024-54041, CVE-2024-54042, CVE-2024-54043, CVE-2024-54044, CVE-2024-54045, CVE-2024-54046, CVE-2024-54047, CVE-2024-54048, CVE-2024-54049)
  • Improper Access Control (CVE-2024-54033, CVE-2024-54035, CVE-2024-54038)
  • URL Redirection to Untrusted Site ('Open Redirect') (CVE-2024-54050, CVE-2024-54051)
  • Server-Side Request Forgery (SSRF) (CVE-2024-54052)

Substance 3D Sampler

  • Out-of-bounds Write (CVE-2024-52994)
  • Heap-based Buffer Overflow (CVE-2024-52995, CVE-2024-52996)

Adobe Photoshop

  • Use After Free (CVE-2024-52997)

Substance 3D Modeler

  • Heap-based Buffer Overflow (CVE-2024-52999)
  • Out-of-bounds Write (CVE-2024-53000, CVE-2024-53001, CVE-2024-53002, CVE-2024-53003)
  • Out-of-bounds Read (CVE-2024-53004, CVE-2024-53005)
  • NULL Pointer Dereference (CVE-2024-53006, CVE-2024-52833)

Adobe Bridge

  • Integer Underflow (Wrap or Wraparound) (CVE-2024-53955)

Adobe Premiere Pro

  • Heap-based Buffer Overflow (CVE-2024-53956)

Substance 3D Painter

  • Heap-based Buffer Overflow (CVE-2024-53957)
  • Out-of-bounds Write (CVE-2024-53958)

Adobe FrameMaker

  • Stack-based Buffer Overflow (CVE-2024-53959)

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Apply the stable channel update provided by Adobe to vulnerable systems immediately after appropriate testing. (M1051: Update Software)
    • Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
    • Safeguard 7.2 : Establish and Maintain a Remediation Process: Establish and maintain a risk-based remediation strategy documented in a remediation process, with monthly, or more frequent, reviews.
    • Safeguard 7.6 : Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets: Perform automated vulnerability scans of externally-exposed enterprise assets using a SCAP-compliant vulnerability scanning tool. Perform scans on a monthly, or more frequent, basis.
    • Safeguard 7.7 : Remediate Detected Vulnerabilities: Remediate detected vulnerabilities in software through processes and tooling on a monthly, or more frequent, basis, based on the remediation process.
    • Safeguard 16.13 Conduct Application Penetration Testing: Conduct application penetration testing. For critical applications, authenticated penetration testing is better suited to finding business logic vulnerabilities than code scanning and automated security testing. Penetration testing relies on the skill of the tester to manually manipulate an application as an authenticated and unauthenticated user.
    • Safeguard 18.1 : Establish and Maintain a Penetration Testing Program: Establish and maintain a penetration testing program appropriate to the size, complexity, and maturity of the enterprise. Penetration testing program characteristics include scope, such as network, web application, Application Programming Interface (API), hosted services, and physical premise controls; frequency; limitations, such as acceptable hours, and excluded attack types; point of contact information; remediation, such as how findings will be routed internally; and retrospective requirements.
    • Safeguard 18.2 : Perform Periodic External Penetration Tests: Perform periodic external penetration tests based on program requirements, no less than annually. External penetration testing must include enterprise and environmental reconnaissance to detect exploitable information. Penetration testing requires specialized skills and experience and must be conducted through a qualified party. The testing may be clear box or opaque box.
    • Safeguard 18.3 : Remediate Penetration Test Findings: Remediate penetration test findings based on the enterprise’s policy for remediation scope and prioritization.
       
  • Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack. (M1026: Privileged Account Management)
    • Safeguard 4.7: Manage Default Accounts on Enterprise Assets and Software: Manage default accounts on enterprise assets and software, such as root, administrator, and other pre-configured vendor accounts. Example implementations can include: disabling default accounts or making them unusable.
    • Safeguard 5.4: Restrict Administrator Privileges to Dedicated Administrator Accounts: Restrict administrator privileges to dedicated administrator accounts on enterprise assets. Conduct general computing activities, such as internet browsing, email, and productivity suite use, from the user’s primary, non-privileged account.
       
  • Restrict use of certain websites, block downloads/attachments, block Javascript, restrict browser extensions, etc. (M1021: Restrict Web-Based Content)
    • Safeguard 2.3: Address Unauthorized Software: Ensure that unauthorized software is either removed from use on enterprise assets or receives a documented exception. Review monthly, or more frequently.
    • Safeguard 2.7: Allowlist Authorized Scripts: Use technical controls, such as digital signatures and version control, to ensure that only authorized scripts, such as specific .ps1, .py, etc., files, are allowed to execute. Block unauthorized scripts from executing. Reassess bi-annually, or more frequently.
    • Safeguard 9.3: Maintain and Enforce Network-Based URL Filters: Enforce and update network-based URL filters to limit an enterprise asset from connecting to potentially malicious or unapproved websites. Example implementations include category-based filtering, reputation-based filtering, or through the use of block lists. Enforce filters for all enterprise assets.
    • Safeguard 9.6: Block Unnecessary File Types: Block unnecessary file types attempting to enter the enterprise’s email gateway.
       
  • Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring. (M1050: Exploit Protection)
    • Safeguard 10.5: Enable Anti-Exploitation Features: Enable anti-exploitation features on enterprise assets and software, where possible, such as Microsoft® Data Execution Prevention (DEP), Windows® Defender Exploit Guard (WDEG), or Apple® System Integrity Protection (SIP) and Gatekeeper™.
       
  • Block execution of code on a system through application control, and/or script blocking. (M1038: Execution Prevention)
    • Safeguard 2.5 : Allowlist Authorized Software: Use technical controls, such as application allowlisting, to ensure that only authorized software can execute or be accessed. Reassess bi-annually, or more frequently.
    • Safeguard 2.6 : Allowlist Authorized Libraries: Use technical controls to ensure that only authorized software libraries, such as specific .dll, .ocx, .so, etc., files, are allowed to load into a system process. Block unauthorized libraries from loading into a system process. Reassess bi-annually, or more frequently.
    • Safeguard 2.7 : Allowlist Authorized Scripts: Use technical controls, such as digital signatures and version control, to ensure that only authorized scripts, such as specific .ps1, .py, etc., files, are allowed to execute. Block unauthorized scripts from executing. Reassess bi-annually, or more frequently.
       
  • Use capabilities to prevent suspicious behavior patterns from occurring on endpoint systems. This could include suspicious process, file, API call, etc. behavior. (M1040: Behavior Prevention on Endpoint)
    • Safeguard 13.2 : Deploy a Host-Based Intrusion Detection Solution: Deploy a host-based intrusion detection solution on enterprise assets, where appropriate and/or supported.
    • Safeguard 13.7 : Deploy a Host-Based Intrusion Prevention Solution: Deploy a host-based intrusion prevention solution on enterprise assets, where appropriate and/or supported. Example implementations include use of an Endpoint Detection and Response (EDR) client or host-based IPS agent.
       

REFERENCES:

Adobe:
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html
https://helpx.adobe.com/security/products/acrobat/apsb24-92.html
https://helpx.adobe.com/security/products/media-encoder/apsb24-93.html
https://helpx.adobe.com/security/products/illustrator/apsb24-94.html
https://helpx.adobe.com/security/products/after_effects/apsb24-95.html
https://helpx.adobe.com/security/products/animate/apsb24-96.html
https://helpx.adobe.com/security/products/indesign/apsb24-97.html
https://helpx.adobe.com/security/products/pdfl-sdk1/apsb24-98.html
https://helpx.adobe.com/security/products/connect/apsb24-99.html
https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-100.html
https://helpx.adobe.com/security/products/photoshop/apsb24-101.html
https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html
https://helpx.adobe.com/security/products/bridge/apsb24-103.html
https://helpx.adobe.com/security/products/premiere_pro/apsb24-104.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-105.html
https://helpx.adobe.com/security/products/framemaker/apsb24-106.html

CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43714
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43720
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43721
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43723
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43724
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43725
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43727
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43728
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43729
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43730
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43734
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43735
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45156
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49532
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49534
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49544
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49546
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49551
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49552
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49554
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52818
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52829
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52830
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52831
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52832
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52833
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52849
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52850
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52859
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52862
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52988
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52991
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53953
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53955
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54036
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54039
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54043
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54047
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54049
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54050
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54051
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54052