Description
Windows Update Stack Elevation of Privilege Vulnerability
Reserved 2023-12-08 | Published 2024-03-12 | Updated 2024-12-31 | Assigner
microsoftHIGH: 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-59: Improper Link Resolution Before File Access ('Link Following')
Product status
10.0.17763.0 before 10.0.17763.5576
affected
10.0.0 before 10.0.17763.5576
affected
10.0.17763.0 before 10.0.17763.5576
affected
10.0.17763.0 before 10.0.17763.5576
affected
10.0.20348.0 before 10.0.20348.2340
affected
10.0.0 before 10.0.22000.2836
affected
10.0.19043.0 before 10.0.19044.4170
affected
10.0.22621.0 before 10.0.22621.3296
affected
10.0.19045.0 before 10.0.19045.4170
affected
10.0.22631.0 before 10.0.22631.3296
affected
10.0.22631.0 before 10.0.22631.3296
affected
10.0.25398.0 before 10.0.25398.763
affected
10.0.10240.0 before 10.0.10240.20526
affected
10.0.14393.0 before 10.0.14393.6796
affected
10.0.14393.0 before 10.0.14393.6796
affected
10.0.14393.0 before 10.0.14393.6796
affected
6.2.9200.0 before 6.2.9200.24768
affected
6.2.9200.0 before 6.2.9200.24768
affected
6.3.9600.0 before 6.3.9600.21871
affected
6.3.9600.0 before 6.3.9600.21871
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21432 (Windows Update Stack Elevation of Privilege Vulnerability) vendor-advisory
cve.org (CVE-2024-21432)
nvd.nist.gov (CVE-2024-21432)
Download JSON