Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-35250

7.8HIGH

Key Information

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
11 June 2024

Badges

📈 Score: 77.3👾 Exploit Exists🟡 Public PoC🦅 CISA Reported📰 News Worthy

Summary

The vulnerability CVE-2024-35250 affects various versions of Windows, including Windows 11 and Windows Server editions. It allows attackers to escalate privileges to SYSTEM level, bypass security measures, and execute arbitrary code with SYSTEM privileges. A Proof-of-Concept (PoC) exploit has been released, highlighting the urgency of patching vulnerable systems. Microsoft has issued a security update to address the vulnerability, and users are advised to update their systems as soon as possible to prevent exploitation. The vulnerability has been present in Windows systems for nearly 20 years, making it a critical issue that requires immediate attention. Users are advised to update their systems to the latest version to prevent exploitation of this vulnerability.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-35250 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Windows 10 Version 1809 < 10.0.17763.5936

Windows Server 2019 < 10.0.17763.5936

Windows Server 2019 (Server Core installation) < 10.0.17763.5936

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-35250
Created by varwara

CVE-2024-35250-BOF
Created by yinsel

News Articles

favicon imagePetri IT Knowledgebase

CISA Issues Alert on Critical Windows Kernel Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Windows kernel vulnerability to its Known Exploited Vulnerabilities (KEV)

1 week ago

favicon imageForbes

New Microsoft Windows Security Deadline—Why You Must Update Before Jan. 6

America’s Cyber Defense Agency, CISA, has warned a Microsoft Windows kernel vulnerability is now being exploited in the wild —here’s what you need to know and do.

1 week ago

favicon imageTechzine Europe

Critical Windows kernel vulnerability easily escalates system privileges

Windows vulnerability exposed: hackers take advantage of CVE-2024-35250 to gain system privileges.

1 week ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🦅

    CISA Reported

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by CybersecurityNews

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseCISA DatabaseMicrosoft Feed2 Proof of Concept(s)9 News Article(s)
.