Assigner | microsoft |
Reserved | 2023-12-08 |
Published | 2024-02-13 |
Updated | 2024-07-19 |
Description
Windows Kernel Elevation of Privilege Vulnerability
HIGH: 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
Problem types
CWE-822: Untrusted Pointer Dereference
Product status
10.0.0 before 10.0.17763.5458
affected
10.0.0 before 10.0.17763.5458
affected
10.0.0 before 10.0.17763.5458
affected
10.0.0 before 10.0.20348.2322
affected
10.0.0 before 10.0.22000.2777
affected
10.0.0 before 10.0.19044.4046
affected
10.0.0 before 10.0.22621.3155
affected
10.0.0 before 10.0.19045.4046
affected
10.0.0 before 10.0.22631.3155
affected
10.0.0 before 10.0.22631.3155
affected
10.0.0 before 10.0.25398.709
affected
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338 (Windows Kernel Elevation of Privilege Vulnerability) vendor-advisory
https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/
cve.org CVE-2024-21338
nvd.nist.gov CVE-2024-21338
Download JSON