CVE-2024-42004

CWE-347 in A library injection vulnerability exists in Microsoft Teams (work or school) 24046

Verified by Precogs Threat Research
Last Updated: Aug 26, 2025
Base Score
7.1HIGH

Executive Summary

CVE-2024-42004 is a high severity vulnerability affecting appsec. It is classified as CWE-347. Ensure your systems and dependencies are patched immediately to mitigate exposure risks.

Precogs AI Insight

"Microsoft Teams contains a library injection vulnerability. Attackers exploit insecure search paths in the desktop client to load a malicious DLL, executing arbitrary code and potentially accessing local chat data or microphone feeds. Precogs Application Security Module audits untrusted search paths."

Exploit Probability (EPSS)
Low (0.1%)
Public POC
Undisclosed
Exploit Probability
Elevated (52%)
Public POC
Available
Affected Assets
appsecCWE-347

What is this vulnerability?

CVE-2024-42004 is categorized as a high CWE-347 flaw with a CVSS base score of 7.1. Based on our vulnerability intelligence, this issue occurs when the application fails to securely handle untrusted data boundaries.

A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

This architectural defect enables adversaries to bypass intended security controls, directly manipulating the application's execution state or data layer. Immediate strategic intervention is required.

Risk Assessment

MetricValue
CVSS Base Score7.1 (HIGH)
Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
PublishedDecember 18, 2024
Last ModifiedAugust 26, 2025
Related CWEsCWE-347

Impact on Systems

Data Exfiltration: Attackers can extract sensitive data from backend databases, configuration files, or internal services.

Authentication Bypass: Exploiting this flaw may allow unauthorized access to protected resources and administrative interfaces.

Lateral Movement: Once initial access is gained, attackers can pivot to internal systems and escalate privileges.

How to Fix and Mitigate CVE-2024-42004

  1. Apply Vendor Patches: Upgrade affected components to their latest, non-vulnerable versions immediately.
  2. Implement Input Validation: Ensure all user-supplied data is validated, sanitized, and type-checked before processing.
  3. Deploy Runtime Protection: Use Precogs continuous monitoring to detect exploitation attempts in real time.
  4. Audit Dependencies: Review and update all third-party libraries and transitive dependencies.

Defending with Precogs AI

Microsoft Teams contains a library injection vulnerability. Attackers exploit insecure search paths in the desktop client to load a malicious DLL, executing arbitrary code and potentially accessing local chat data or microphone feeds. Precogs Application Security Module audits untrusted search paths.

Use Precogs to continuously scan your codebase, binaries, APIs, and infrastructure for this vulnerability class and related attack patterns. Our AI-powered detection engine combines static analysis with threat intelligence to identify exploitable weaknesses before attackers do.

Start scanning with Precogs →

Vulnerability Code Signature

Attack Data Flow

StageDetail
SourceUntrusted User Input
VectorInput flows through the application logic without sanitization
SinkExecution or Rendering Sink
ImpactApplication compromise, Logic Bypass, Data Exfiltration

Vulnerable Code Pattern

# ❌ VULNERABLE: Unsanitized Input Flow
def process_request(request):
    user_input = request.GET.get('data')
    # Taint sink: processing untrusted data
    execute_logic(user_input)
    return {"status": "success"}

Secure Code Pattern

# ✅ SECURE: Input Validation & Sanitization
def process_request(request):
    user_input = request.GET.get('data')
    
    # Sanitized boundary check
    if not is_valid_format(user_input):
        raise ValueError("Invalid input format")
        
    sanitized_data = sanitize(user_input)
    execute_logic(sanitized_data)
    return {"status": "success"}

How Precogs Detects This

Precogs AI Analysis Engine maps untrusted input directly to execution sinks to catch complex application security vulnerabilities.\n

Supplemental Intelligence & References

🔗 External References

Related Vulnerabilitiesvia CWE-347

CVE-2026-44788.1 HIGH

A vulnerability was identified in Yi Technology YI Home Camera 2 2.

CWE-345CWE-347
CVE-2026-322944.7 MEDIUM

JetKVM prior to 0.

CWE-345CWE-347
CVE-2026-35649 CRITICAL

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.

CWE-347
CVE-2026-42587.5 HIGH

All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.

CWE-347CWE-325
CVE-2026-279629.1 CRITICAL

Authlib is a Python library which builds OAuth and OpenID Connect servers.

CWE-347
CVE-2026-35620 UNKNOWN

Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability.

CWE-347

Is your system affected?

Precogs AI detects CVE-2024-42004 in compiled binaries, LLMs, and application layers — even without source code access.

Request Deep AnalysisBook a demo