Elevation of Privilege Vulnerability Affects Windows Search Service
CVE-2024-30033

7HIGH

Key Information:

Vendor: Microsoft
Status: Windows Server 2022; Windows 11 Version 21h2; Windows 10 Version 21h2; Windows 10 Version 22h2
Vendor: CVE Published:; 14 May 2024

Badges

📰 News Worthy

Summary

The Windows Search Service contains a vulnerability that allows an attacker to elevate privileges within the system. By exploiting this vulnerability, an unauthorized user could gain elevated permissions which may lead to unauthorized access to sensitive data or system functions. This could entail significant risks regarding data integrity and confidentiality. Implementing the latest security updates from Microsoft is crucial to mitigate exposure to this vulnerability.

Affected Version(s)

Windows 10 Version 21H2 32-bit Systems 10.0.19043.0 < 10.0.19044.4412

Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.4412

Windows 11 version 21H2 x64-based Systems 10.0.0 < 10.0.22000.2960

News Articles

SystemTek

CVE-2024-30033 CVE-2024-30034

SystemTek - Technology news and information

CVE number = CVE-2024-30033 CVSS Score = 7.0 This vulnerability allows local attackers to escalate privileges on affected installations of Read More CVE number = CVE-2024-30034 CVSS Score = 8.4 This...

10 months ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024
📰
First article discovered by SystemTek
Mar 29, 2024
Vulnerability Reserved
Mar 22, 2024

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

SystemTek - Technology news and information

References

CVSS V3.1

Timeline