Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
Windows Kernel Information Disclosure Vulnerability. This is a local vulnerability with a low attack complexity and requires low privileges. It primarily impacts confidentiality, with no impact on integrity or availability.
An attacker who successfully exploits this vulnerability could gain unauthorized access to sensitive information. The vulnerability has a high impact on confidentiality, potentially exposing critical data to unauthorized actors. This could lead to further compromise of the system or network if the exposed information is leveraged for additional attacks.
One proof-of-concept exploit is available on github.com. Its exploitation has been reported by various sources, including reddit.com.
A patch is available. Microsoft has released updates to address this vulnerability.
1. Apply the security updates provided by Microsoft as soon as possible. 2. Prioritize patching for the following affected Windows versions: - Windows 10 (versions 1607, 1809, 21H2, 22H2) - Windows 11 (versions 21H2, 22H2, 23H2) - Windows Server 2016 - Windows Server 2019 - Windows Server 2022 (including 23H2) 3. Implement the principle of least privilege to minimize the potential impact of this vulnerability. 4. Monitor systems for any suspicious activities that might indicate attempts to exploit this vulnerability. 5. Keep all Windows systems and software up to date with the latest security patches.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 5.5 has been assigned.
NVD published the first details for CVE-2024-38041
Feedly found the first article mentioning CVE-2024-38041. See article
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.04% (Percentile: 9.2%)
Attacks in the wild have been reported by Technical Information Security Content & Discussion. See article
A CVSS base score of 5.5 has been assigned.