virus logo Threat Signal Report

Microsoft .NET Framework Information Disclosure Vulnerability

What is the Attack?

Threat Actors are targeting a Microsoft .NET Framework information disclosure vulnerability (CVE-2024-29059) that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution. The security vulnerability tracked as CVE-2024-29059, has also been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog on February 4, 2025.

What is the recommended Mitigation?

FortiGuard recommends users to apply the fix provided by the vendor and follow instructions as mentioned on the vendor’s advisory. [CVE-2024-29059 - Security Update Guide - Microsoft - .NET Framework Information Disclosure Vulnerability]

What FortiGuard Coverage is available?

  • FortiGuard IPS protection is available, and Fortinet customers remain protected through it.
    Intrusion Prevention | FortiGuard Labs

  • FortiGuard Endpoint Vulnerability Service provides a systematic and automated method of patching applications on an endpoint, eliminating manual processes while reducing the attack surface.
    FortiClient Vulnerability | FortiGuard Labs

  • The FortiGuard Incident Response team can be engaged to help with any suspected compromise.

description-logoOutbreak Alert

Threat Actors are targeting and actively exploiting a Microsoft .NET Framework information disclosure vulnerability (CVE-2024-29059) that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.

View the full Outbreak Alert Report

Additional Resources

CVE-2024-29059 - Security Update Guide - Microsoft - .NET Framework Information Disclosure Vulnerability


Released Date Feb 13, 2025
Tags Microsoft .NET Framework Information Disclosure Threat Signal
CVE ID

Experienced a Breach? We're here to help

FortiGuard Incident Response Services
FortiGuard Incident Response Services
Outbreak Alert Outbreak Alert
About FortiGuard Threat Signal

Learn More »