Windows Kernel Information Disclosure Vulnerability
CVE-2024-37985

5.9MEDIUM

Key Information:

Vendor: Microsoft
Status: Windows 11 Version 22h2; Windows 11 Version 22h3
Vendor: CVE Published:; 17 September 2024

🔔 Create Microsoft Vulnerability Alert

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-37985?

Windows Kernel Information Disclosure Vulnerability

Affected Version(s)

Windows 11 version 22H2 ARM64-based Systems 10.0.22621.0 < 10.0.22621.3880

Windows 11 version 22H3 ARM64-based Systems 10.0.22631.0 < 10.0.22631.3880

News Articles

TheCyberThrone

CVE-2024-37985 CVE-2024-38816

TheCyberThrone Security Week In Review – September 21, 2024

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, September 21, 2024. Microsoft Kernel Vulnerability CVE-2024-37985 exploited Microsoft has confirmed the exploitation of a Windows Kernel vuln...

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Sep 22, 2024
📰
First article discovered by TheCyberThrone
Sep 22, 2024
Vulnerability published
Sep 17, 2024