Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21345

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows Server 2022, 23h2 Edition (server Core Installation)
Vendor: CVE Published:; 13 February 2024

Badges

💰 Ransomware👾 Exploit Exists📰 News Worthy

Summary

A vulnerability exists in the Windows Kernel that allows attackers to elevate their privileges on affected systems. By exploiting this bug, an unauthorized user can execute arbitrary code with elevated permissions, potentially taking control of the system. This flaw underscores the importance of applying security updates promptly to mitigate such risks and protect sensitive data from malicious actors. Further information regarding this vulnerability can be found in the Microsoft advisory.

Affected Version(s)

Windows Server 2022, 23H2 Edition (Server Core installation) x64-based Systems 10.0.25398.0 < 10.0.25398.709

News Articles

Cyber Security Informer

CVE-2024-21345 CVE-2024-26218

Top Cyber Security Informer Penetration Testing Security Awareness Content for April, 2024

Best content around Penetration Testing Security Awareness selected by the Cyber Security Informer community.

7 months ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

💰
Used in Ransomware
Jun 28, 2024
👾
Exploit known to exist
Jun 28, 2024
📰
First article discovered by Cyber Security Informer
Jun 28, 2024
Vulnerability published
Feb 13, 2024
Vulnerability Reserved
Dec 8, 2023

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Top Cyber Security Informer Penetration Testing Security Awareness Content for April, 2024

References

CVSS V3.1

Timeline