<< Back
CVE Number Vulnerability Product Severity Date
CVE-2024-29985 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability Microsoft SQL Server Important 30-05-2024

Technical Information

A remote code execution vulnerability in Microsoft SQL Server where an attacker could exploit the vulnerability by tricking a user to connect to a malicious SQL server database via a connection driver, like OLEDB, and it may cause arbitrary code execution on the client.

Patch Release Date: Apr 09, 2024
Further information on this vulnerability is available at: CVE-2024-29885

Affected Software

Microsoft SQL Server 2022 for x64-based Systems,
Microsoft SQL Server 2019 for x64-based Systems,
Microsoft OLE DB Driver 18 for SQL Server,
Microsoft OLE DB Driver 19 for SQL Server