CVE-2024-41165

CWE-347 in A library injection vulnerability exists in Microsoft Word 16

Verified by Precogs Threat Research
Last Updated: Aug 22, 2025
Base Score
7.1HIGH

Executive Summary

CVE-2024-41165 is a high severity vulnerability affecting appsec. It is classified as CWE-347. Ensure your systems and dependencies are patched immediately to mitigate exposure risks.

Precogs AI Insight

"Microsoft Word contains a library injection vulnerability. Attackers send a malicious document that exploits insecure DLL loading practices, causing Word to execute attacker-controlled code upon opening the file. Precogs Application Security Module audits untrusted search paths and dynamic library loading."

Exploit Probability (EPSS)
Low (0.1%)
Public POC
Undisclosed
Exploit Probability
Elevated (52%)
Public POC
Available
Affected Assets
appsecCWE-347

What is this vulnerability?

CVE-2024-41165 is categorized as a high CWE-347 flaw with a CVSS base score of 7.1. Based on our vulnerability intelligence, this issue occurs when the application fails to securely handle untrusted data boundaries.

A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

This architectural defect enables adversaries to bypass intended security controls, directly manipulating the application's execution state or data layer. Immediate strategic intervention is required.

Risk Assessment

MetricValue
CVSS Base Score7.1 (HIGH)
Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
PublishedDecember 18, 2024
Last ModifiedAugust 22, 2025
Related CWEsCWE-347

Impact on Systems

Data Exfiltration: Attackers can extract sensitive data from backend databases, configuration files, or internal services.

Authentication Bypass: Exploiting this flaw may allow unauthorized access to protected resources and administrative interfaces.

Lateral Movement: Once initial access is gained, attackers can pivot to internal systems and escalate privileges.

How to Fix and Mitigate CVE-2024-41165

  1. Apply Vendor Patches: Upgrade affected components to their latest, non-vulnerable versions immediately.
  2. Implement Input Validation: Ensure all user-supplied data is validated, sanitized, and type-checked before processing.
  3. Deploy Runtime Protection: Use Precogs continuous monitoring to detect exploitation attempts in real time.
  4. Audit Dependencies: Review and update all third-party libraries and transitive dependencies.

Defending with Precogs AI

Microsoft Word contains a library injection vulnerability. Attackers send a malicious document that exploits insecure DLL loading practices, causing Word to execute attacker-controlled code upon opening the file. Precogs Application Security Module audits untrusted search paths and dynamic library loading.

Use Precogs to continuously scan your codebase, binaries, APIs, and infrastructure for this vulnerability class and related attack patterns. Our AI-powered detection engine combines static analysis with threat intelligence to identify exploitable weaknesses before attackers do.

Start scanning with Precogs →

Vulnerability Code Signature

Attack Data Flow

StageDetail
SourceUntrusted User Input
VectorInput flows through the application logic without sanitization
SinkExecution or Rendering Sink
ImpactApplication compromise, Logic Bypass, Data Exfiltration

Vulnerable Code Pattern

# ❌ VULNERABLE: Unsanitized Input Flow
def process_request(request):
    user_input = request.GET.get('data')
    # Taint sink: processing untrusted data
    execute_logic(user_input)
    return {"status": "success"}

Secure Code Pattern

# ✅ SECURE: Input Validation & Sanitization
def process_request(request):
    user_input = request.GET.get('data')
    
    # Sanitized boundary check
    if not is_valid_format(user_input):
        raise ValueError("Invalid input format")
        
    sanitized_data = sanitize(user_input)
    execute_logic(sanitized_data)
    return {"status": "success"}

How Precogs Detects This

Precogs AI Analysis Engine maps untrusted input directly to execution sinks to catch complex application security vulnerabilities.\n

Supplemental Intelligence & References

🔗 External References

Related Vulnerabilitiesvia CWE-347

CVE-2026-44788.1 HIGH

A vulnerability was identified in Yi Technology YI Home Camera 2 2.

CWE-345CWE-347
CVE-2026-322944.7 MEDIUM

JetKVM prior to 0.

CWE-345CWE-347
CVE-2026-35649 CRITICAL

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.

CWE-347
CVE-2026-42587.5 HIGH

All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.

CWE-347CWE-325
CVE-2026-279629.1 CRITICAL

Authlib is a Python library which builds OAuth and OpenID Connect servers.

CWE-347
CVE-2026-35620 UNKNOWN

Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability.

CWE-347

Is your system affected?

Precogs AI detects CVE-2024-41165 in compiled binaries, LLMs, and application layers — even without source code access.

Request Deep AnalysisBook a demo