VMware vSphere HVCI Bypass Vulnerability

CVE-2024-21305
4.4 MEDIUM

Key Information

Vendor: Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
CVE Published: 9 January 2024

Badges

Trended | Exploit Exists | Public PoC | News Worthy

Summary

The VMware vSphere HVCI Bypass Vulnerability, identified as CVE-2024-21305, is a moderate severity security flaw that affects the Hypervisor-Protected Code Integrity (HVCI) security feature. This vulnerability has the potential to be exploited to bypass security measures, although it has not been reported as being actively exploited in the wild or by ransomware groups. The impact of this vulnerability is as yet uncertain, but it is important for users of affected Microsoft products to remain vigilant for any potential exploitation and to apply relevant security patches promptly.

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.5329

Windows Server 2019 < 10.0.17763.5329

Windows Server 2019 (Server Core installation) < 10.0.17763.5329

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

CVSS V3.1

Score: 4.4
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Exploit exists.

  • Vulnerability started trending.

  • First article discovered by Substack

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD Database, Mitre Database, Microsoft Feed, 1 Proof of Concept(s), 3 News Article(s)