Heap-based Buffer Overflow (CWE-122)
A remote code execution vulnerability exists in the Windows Graphics Component. The root cause is a heap-based buffer overflow, that is, an out-of-bounds write into a heap allocation (CWE-122). It affects multiple versions of Windows, including Windows 10, Windows 11, and several Windows Server editions.
If successfully exploited, an attacker could execute arbitrary code with the privileges of the current user. With confidentiality, integrity, and availability all rated High, that means full compromise of the user's session, and of the whole system where that user holds administrative rights, enabling data theft or disruption. In CVSS terms the attack vector is local (AV:L) and user interaction is required (UI:R): the vulnerable code is not reachable over the network on its own, so the attacker must get a user to open or run crafted content on the host, which raises the bar somewhat compared with a remotely reachable flaw.
There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at this time.
Patches are available for this vulnerability. Microsoft has released updates to address the issue across multiple affected Windows versions. Users and administrators should apply these patches as soon as possible.
1. Apply the security updates Microsoft has released for the affected Windows versions.
2. Enforce least privilege: because exploitation runs with the privileges of the current user, users who do not work from administrative accounts limit what a successful exploit can reach.
3. Educate users about the risk of opening untrusted files or running untrusted applications, since user interaction is required for exploitation.
4. Consider application allow-listing (for example AppLocker or Windows Defender Application Control) to prevent unauthorized executables from running, which blocks the follow-on payload even if the overflow is triggered.
5. Monitor systems for activity that could indicate exploitation attempts, such as crashes in or unexpected child processes spawned by applications that render user-supplied images or documents.
6. Keep all Windows systems and installed software current with security patches more generally.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 7.8 has been assigned.
NVD published the first details for CVE-2024-38051
Feedly found the first article mentioning CVE-2024-38051.
Feedly estimated the CVSS score as HIGH
EPSS score set to 0.05% (percentile: 21.9%)