CVE-2024-29059 is an information disclosure vulnerability actively exploited within Microsoft’s .NET Framework, specifically concerning .NET Remoting over HTTP. The flaw allows remote attackers to extract ObjRef URIs, which can subsequently be used to achieve remote code execution (RCE) under certain conditions.
| Product | .NET Framework |
| Date | 2025-02-07 17:28:12 |
| Information |
|
Technical Summary
The vulnerability is currently being actively exploited in the wild, increasing the urgency of mitigation actions. Public proof-of-concept (PoC) exploits exist that demonstrate how an attacker can steal ObjRefs and use them for further compromise.
Recommendations
Since the vulnerability is being actively exploited, immediate action is required:
- Apply security updates – Microsoft has released patches for the affected versions of the .NET Framework. Organizations should update their environments without delay.
- Disable .NET Remoting over HTTP – If not required, disable .NET Remoting to mitigate the risk. Evaluate the adoption of more secure inter-process communication mechanisms.
- Limit network exposure – Restrict public access to systems using .NET Remoting. Use firewalls and access control lists (ACLs) to reduce exposure.
[Callforaction-THREAT-Footer]
