CVE-2024-2141112.03.2024, 17:15Skype for Consumer Remote Code Execution VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST8.8 HIGHNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HmicrosoftCNA8.8 HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CCVEADP------CISA-ADPADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 87%VendorProductVersionskypeskype𝑥< 8.113𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-453 - Insecure Default Variable InitializationThe software, by default, initializes an internal variable with an insecure or less secure value than is possible.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21411https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21411