EUVD-2024-26005

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Microsoft OLE DB Driver vulnerability allows remote code execution in SQL Server.

Reporter	Title	Published	Views	Family All 20
CNNVD	Microsoft OLE DB Provider for SQL Server 安全漏洞	9 Apr 202400:00	–	cnnvd
CNVD	Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability (CNVD-2024-25660)	11 Apr 202400:00	–	cnvd
CVE	CVE-2024-28939	9 Apr 202417:00	–	cve
Cvelist	CVE-2024-28939 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	9 Apr 202417:00	–	cvelist
Microsoft KB	KB5035432 - Description of the security update for SQL Server 2022 GDR: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	KB5035434 - Description of the security update for SQL Server 2019 GDR: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	KB5036335 - Description of the security update for SQL Server 2019 CU25: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	KB5036343 - Description of the security update for SQL Server 2022 CU12: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	Description of the security update for Microsoft OLE DB Driver 18 for SQL Server: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	Description of the security update for Microsoft OLE DB Driver 19 for SQL Server: April 9, 2024	9 Apr 202407:00	–	mskb

[
  {
    "enisaIdVendor": [
      {
        "id": "67be4421-e0ec-3faf-b0f9-5dd86b9a0c09",
        "vendor": {
          "name": "Microsoft"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "08579c9a-2aca-3903-ba3c-0ebdd5e9065a",
        "product": {
          "name": "Microsoft SQL Server 2019 (GDR)"
        },
        "product_version": "15.0.0 <15.0.2110.4"
      },
      {
        "id": "1a5e8fc1-ea31-391b-9cd7-0741d91b3635",
        "product": {
          "name": "Microsoft SQL Server 2019 (GDR)"
        }
      },
      {
        "id": "2ca630c0-18de-3b2f-a09b-e5079380aad1",
        "product": {
          "name": "Microsoft OLE DB Driver 19 for SQL Server"
        }
      },
      {
        "id": "52db8644-40b8-355c-bc90-635fdf5f6ea3",
        "product": {
          "name": "Microsoft SQL Server 2022 (GDR)"
        },
        "product_version": "16.0.0 <16.0.1115.1"
      },
      {
        "id": "61115aea-682e-37fd-84bb-b57d9428f3dc",
        "product": {
          "name": "Microsoft SQL Server 2022 (GDR)"
        }
      },
      {
        "id": "8491bdd7-f998-3d15-8ccd-6e81ccc14efc",
        "product": {
          "name": "Microsoft SQL Server 2019 (CU 25)"
        },
        "product_version": "15.0.0 <15.0.4360.2"
      },
      {
        "id": "8878d28a-e914-3f61-bd42-d9b68186d33a",
        "product": {
          "name": "Microsoft SQL Server 2022 for (CU 12)"
        }
      },
      {
        "id": "8cce9c87-7d49-3a84-9bf4-fc2246367ef6",
        "product": {
          "name": "Microsoft SQL Server 2019 (CU 25)"
        }
      },
      {
        "id": "be45b12e-7683-3758-82fd-05341768beb8",
        "product": {
          "name": "Microsoft OLE DB Driver 18 for SQL Server"
        }
      },
      {
        "id": "e1ecb5a9-77a3-3d06-b27f-1ba4624610c9",
        "product": {
          "name": "Microsoft OLE DB Driver 19 for SQL Server"
        },
        "product_version": "19.0.0 <19.3.0003.0"
      },
      {
        "id": "e2984ba6-1f55-3503-b1c6-d6c9113091ff",
        "product": {
          "name": "Microsoft OLE DB Driver 18 for SQL Server"
        },
        "product_version": "18.0.0 <18.7.0002.0"
      },
      {
        "id": "e5b43bcb-d6a9-3481-b721-ebe5c3498bc5",
        "product": {
          "name": "Microsoft SQL Server 2022 for (CU 12)"
        },
        "product_version": "16.0.0 <16.0.4120.1"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28939

03 Oct 2025 20:07Current

8.6High risk

Vulners AI Score8.6

CVSS 3.18.8

EPSS0.01308

SSVC