CVE-2024-30051

Description

Windows DWM Core Library Elevation of Privilege Vulnerability

Reserved 2024-03-22 | Published 2024-05-14 | Updated 2024-12-31 | Assigner microsoft

CISA Known Exploited Vulnerability

Date added 2024-05-14 | Due date 2024-06-04

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Problem types

CWE-122: Heap-based Buffer Overflow

Product status

10.0.17763.0 before 10.0.17763.5820
affected

10.0.0 before 10.0.17763.5820
affected

10.0.17763.0 before 10.0.17763.5820
affected

10.0.17763.0 before 10.0.17763.5820
affected

10.0.20348.0 before 10.0.20348.2461
affected

10.0.0 before 10.0.22000.2960
affected

10.0.19043.0 before 10.0.19044.4412
affected

10.0.22621.0 before 10.0.22621.3593
affected

10.0.19045.0 before 10.0.19045.4412
affected

10.0.22631.0 before 10.0.22631.3593
affected

10.0.22631.0 before 10.0.22631.3593
affected

10.0.10240.0 before 10.0.10240.20651
affected

10.0.14393.0 before 10.0.14393.6981
affected

10.0.14393.0 before 10.0.14393.6981
affected

10.0.14393.0 before 10.0.14393.6981
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051 (Windows DWM Core Library Elevation of Privilege Vulnerability) vendor-advisory

cve.org (CVE-2024-30051)

nvd.nist.gov (CVE-2024-30051)

Download JSON