Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Key Information
- Vendor
- Microsoft
- Status
- Windows 10 Version 1809
- Windows Server 2019
- Windows Server 2019 (server Core Installation)
- Windows Server 2022
- Vendor
- CVE Published:
- 11 June 2024
Badges
Summary
The vulnerability CVE-2024-35250 affects various versions of Windows, including Windows 11 and Windows Server editions. It allows attackers to escalate privileges to SYSTEM level, bypass security measures, and execute arbitrary code with SYSTEM privileges. A Proof-of-Concept (PoC) exploit has been released, highlighting the urgency of patching vulnerable systems. Microsoft has issued a security update to address the vulnerability, and users are advised to update their systems as soon as possible to prevent exploitation. The vulnerability has been present in Windows systems for nearly 20 years, making it a critical issue that requires immediate attention. Users are advised to update their systems to the latest version to prevent exploitation of this vulnerability.
Affected Version(s)
Windows 10 Version 1809 < 10.0.17763.5936
Windows Server 2019 < 10.0.17763.5936
Windows Server 2019 (Server Core installation) < 10.0.17763.5936
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
CybersecurityNews CVSS V3.1
Timeline
- 👾
Exploit exists.
First article discovered by CybersecurityNews
Vulnerability published.
Vulnerability Reserved.