Elevated Privileges for Attackers
CVE-2024-38107
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 13 August 2024
Badges
What is CVE-2024-38107?
The vulnerability in the Windows Power Dependency Coordinator allows for elevation of privilege, enabling attackers to execute arbitrary code with higher privileges than intended. This could lead to unauthorized actions within the operating system, potentially compromising system integrity and user data. Organizations must take proactive measures to patch affected systems and mitigate risks associated with this vulnerability.
CISA has reported CVE-2024-38107
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-38107 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20751
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7259
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.6189
References
CVSS V3.1
Timeline
- ๐พ
Exploit known to exist
- ๐ฆ
CISA Reported
Vulnerability published
Vulnerability Reserved