CVE-2024-21397: 
vulnerability analysis and mitigation

Microsoft Azure File Sync contains an Elevation of Privilege Vulnerability, tracked as CVE-2024-21397. The vulnerability affects Azure File Sync versions from 14.0.0.0 up to (excluding) 16.2.0.0, and version 17.0.0.0. This security issue was disclosed in February 2024 and received a CVSS v3.1 base score of 5.3 (Medium) (NVD).

The vulnerability is classified as CWE-59 (Improper Link Resolution Before File Access) and has a CVSS vector string of CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L. This indicates that the vulnerability requires local access, has high attack complexity, requires low privileges, needs no user interaction, has a scope that's unchanged, with no impact to confidentiality, high impact to integrity, and low impact to availability (NVD).

The vulnerability could allow unauthorized users to create new files in locations they are not permitted to access, potentially compromising system security (Microsoft Support).

Microsoft has released security updates to address this vulnerability. The fix is available in Azure File Sync Agent v16.2 (version 16.2.0.0) and v17.1 (version 17.1.0.0) for Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022 installations. Users can obtain and install the update through Microsoft Update, Microsoft Update Catalog, or Microsoft Download Center (Microsoft Support).