How severe is CVE-2024-41159?

CVE-2024-41159 has a CVSS v3 score of 7.1 (HIGH).

CVE-2024-41159

Name: onenote
Author: microsoft

7.1HIGH

A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious applica

Published: 12/18/2024Updated: 8/25/2025

Description

A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

AI AnalysisPowered by AI

Affected Products

microsoftonenote

16.83

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1975
ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1975
ExploitThird Party Advisory