CVE-2024-38054
Heap-based Buffer Overflow (CWE-122)
Published: Jul 9, 2024
010
CVSS 7.8EPSS 0.04%High
CVE info copied to clipboard
Summary
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. This is a local vulnerability with low attack complexity and requires low privileges. It has high impact on confidentiality, integrity, and availability.
Impact
This vulnerability allows an attacker with low privileges to elevate their privileges on the system. The attacker could potentially gain full control over the affected system, compromising the confidentiality, integrity, and availability of data and resources. This could lead to unauthorized access to sensitive information, modification of system files, or disruption of services.
Exploitation
There is no evidence that a public proof-of-concept exists. Its exploitation has been reported by various sources, including securityonline.info.
Patch
A patch is available. Microsoft released an official fix for this vulnerability on July 9, 2024.
Mitigation
1. Apply the official patch released by Microsoft as soon as possible. 2. Implement the principle of least privilege, ensuring users and processes have only the minimum necessary permissions. 3. Monitor for suspicious activities, especially attempts to elevate privileges. 4. Keep all Microsoft systems and software up to date with the latest security patches. 5. Use endpoint detection and response (EDR) tools to detect and prevent exploitation attempts.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Timeline
Detection in Vulnerability Scanners
Detection for the vulnerability has been added to Qualys (92149)
Jul 9, 2024 at 7:53 AM
CVE Assignment
NVD published the first details for CVE-2024-38054
Jul 9, 2024 at 5:15 PM
First Article
Feedly found the first article mentioning CVE-2024-38054. See article
Jul 9, 2024 at 5:17 PM / FortiGuard Labs | Internet of Things Intrusion Prevention Service Updates
CVSS Estimate
Feedly estimated the CVSS score as MEDIUM
Jul 9, 2024 at 5:25 PM
EPSS
EPSS Score was set to: 0.04% (Percentile: 9.2%)
Jul 10, 2024 at 10:14 AM
Exploitation in the Wild
Attacks in the wild have been reported by Cybersecurity News. See article
Aug 23, 2024 at 2:55 AM / Cybersecurity News
Threat Intelligence Report
CVE-2024-38054 is a critical vulnerability that allows for out-of-bounds access due to unchecked length or index issues. @Fr0st1706 has already written an exploit for this vulnerability, indicating that it may be exploited in the wild. It is important for organizations to implement mitigations, detections, and patches to prevent potential impacts on third party vendors or technology. See article
Aug 23, 2024 at 1:52 PM
Affected Systems
Microsoft/windows_11_22h2
+null more
Patches
Microsoft
+null more
Attack Patterns
CAPEC-92: Forced Integer Overflow
+null more
References
July 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
SQL Server CVE-2024-20701 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21303 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21308 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21317 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21331 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21332 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21333 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21335 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21373 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21398 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21414 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21415 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows CoreMessaging CVE-2024-21417 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21425 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21428 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-21449 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-26184 6.8 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-28899 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-28928 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows MultiPoint Services CVE-2024-30013 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Dynamics CVE-2024-30061 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Access Connection Manager CVE-2024-30071 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Access Connection Manager CVE-2024-30079 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows NTLM CVE-2024-30081 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Cryptographic Services CVE-2024-30098 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No .NET and Visual Studio CVE-2024-30105 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Microsoft Office SharePoint CVE-2024-32987 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-35256 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure Network Watcher CVE-2024-35261 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Exploitation Less Likely Yes No No .NET and Visual Studio CVE-2024-35264 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure DevOps CVE-2024-35266 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Azure DevOps CVE-2024-35267 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows iSCSI CVE-2024-35270 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-35271 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-35272 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37318 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37319 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37320 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37321 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37322 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37323 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37324 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37326 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37327 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37328 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37329 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37330 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37331 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37332 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37333 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37334 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-37336 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37969 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37970 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37971 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37972 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37973 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37974 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37975 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37977 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37978 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37981 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37984 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37986 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37987 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37988 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-37989 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-38010 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-38011 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Server Backup CVE-2024-38013 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop CVE-2024-38015 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Message Queuing CVE-2024-38017 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C Exploitation Less Likely Yes No No Windows Performance Monitor CVE-2024-38019 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office Outlook CVE-2024-38020 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office CVE-2024-38021 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Image Acquisition CVE-2024-38022 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office SharePoint CVE-2024-38023 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Office SharePoint CVE-2024-38024 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Performance Monitor CVE-2024-38025 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Line Printer Daemon Service (LPD) CVE-2024-38027 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Performance Monitor CVE-2024-38028 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Themes CVE-2024-38030 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Windows Online Certificate Status Protocol (OCSP) CVE-2024-38031 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No XBox Crypto Graphic Services CVE-2024-38032 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows PowerShell CVE-2024-38033 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Filtering CVE-2024-38034 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Kernel CVE-2024-38041 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows PowerShell CVE-2024-38043 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows DHCP Server CVE-2024-38044 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows PowerShell CVE-2024-38047 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No NDIS CVE-2024-38048 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Distributed Transaction Coordinator CVE-2024-38049 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Workstation Service CVE-2024-38050 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Graphics Component CVE-2024-38051 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Streaming Service CVE-2024-38052 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Internet Connection Sharing (ICS) CVE-2024-38053 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Streaming Service CVE-2024-38054 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Windows Codecs Library CVE-2024-38055 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Windows Codecs Library CVE-2024-38056 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Streaming Service CVE-2024-38057 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows BitLocker CVE-2024-38058 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Win32K - ICOMP CVE-2024-38059 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Microsoft Windows Codecs Library CVE-2024-38060 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Role: Active Directory Certificate Services; Active Directory Domain Services CVE-2024-38061 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Windows Kernel-Mode Drivers CVE-2024-38062 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows TCP/IP CVE-2024-38064 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Secure Boot CVE-2024-38065 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Win32K - GRFX CVE-2024-38066 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Online Certificate Status Protocol (OCSP) CVE-2024-38067 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Online Certificate Status Protocol (OCSP) CVE-2024-38068 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Enroll Engine CVE-2024-38069 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows LockDown Policy (WLDP) CVE-2024-38070 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38071 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38072 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38073 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Remote Desktop Licensing Service CVE-2024-38074 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Active Directory Federation Services CVE-2024-38075 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Remote Desktop CVE-2024-38076 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes Windows Remote Desktop Licensing Service CVE-2024-38077 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No Yes XBox Crypto Graphic Services CVE-2024-38078 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Graphics Component CVE-2024-38079 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Role: Windows Hyper-V CVE-2024-38080 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Detected Yes No No .NET and Visual Studio CVE-2024-38081 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Win32 Kernel Subsystem CVE-2024-38085 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Azure Kinect SDK CVE-2024-38086 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-38087 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No SQL Server CVE-2024-38088 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Defender for IoT CVE-2024-38089 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft WS-Discovery CVE-2024-38091 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Azure CycleCloud CVE-2024-38092 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Exploitation Less Likely Yes No No Microsoft Office SharePoint CVE-2024-38094 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No .NET and Visual Studio CVE-2024-38095 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely No No No Windows Remote Desktop Licensing Service CVE-2024-38099 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows COM Session CVE-2024-38100 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation More Likely Yes No No Windows Internet Connection Sharing (ICS) CVE-2024-38101 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Internet Connection Sharing (ICS) CVE-2024-38102 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Fax and Scan Service CVE-2024-38104 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows Internet Connection Sharing (ICS) CVE-2024-38105 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitation Less Likely Yes No No Windows MSHTML Platform CVE-2024-38112 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C Exploitation Detected Yes No No
Microsoft July 2024 Security Updates
Classification: Critical, Solution: Official Fix, Exploit Maturity: Functional, CVSSv3.1: 9.8, CVEs: CVE-2024-20701, CVE-2024-21303, CVE-2024-21308, CVE-2024-21317, CVE-2024-21331, CVE-2024-21332, CVE-2024-21333, CVE-2024-21335, CVE-2024-21373, CVE-2024-21398, CVE-2024-21414, CVE-2024-21415, CVE-2024-21417, CVE-2024-21425, CVE-2024-21428, CVE-2024-21449, CVE-2024-26184, CVE-2024-28899, CVE-2024-28928, CVE-2024-30013 (+123 other associated CVEs), Summary: Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days. This Patch Tuesday fixed five critical vulnerabilities, with all being remote code execution flaws. The number of bugs in each vulnerability category is listed below: 26 Elevation of Privilege Vulnerabilities 24 Security Feature Bypass Vulnerabilities 59 Remote Code Execution Vulnerabilities 9 Information Disclosure Vulnerabilities 17 Denial of Service Vulnerabilities 7 Spoofing Vulnerabilities This month's Patch Tuesday fixes two actively exploited and two other publicly disclosed zero-day vulnerabilities.
Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - Part I
Additionally, we will delve into a proxy-based logical vulnerability type that allows us to bypass most validations, enabling us to successfully exploit Windows 11 in Pwn2Own Vancouver 2024. It is the library of Kernel Streaming responsible for forwarding requests such as to the corresponding device driver, and it also handles functions related to AVStream.
News
From CVE to PoC: A Collection Maps Windows Privilege Escalation Landscape
This repository, hosted on Github, serves as a valuable resource for security researchers, penetration testers, and system administrators interested in understanding and mitigating privilege escalation attacks. Security researcher Michael Zhmaylo has assembled a comprehensive collection of publicly disclosed exploits for Local Privilege Escalation (LPE) vulnerabilities affecting Microsoft Windows operating systems.
Xerox Security Bulletin XRX24- 013 for Xerox® FreeFlow® Print Server v2 / Windows® 10
The methods of Security Patch Update delivery and install are over the network using FreeFlow® Print Server Update Manager or directly from Microsoft® using Windows® Update service, and using media (i.e., USB). The FreeFlow® Print Server engineering team receives new patch updates in January, April, July, and October, and will test them for supported Printer products (such as iGen®5 printers) prior to delivery for customer install.
IT Security News Monthly Summary – September
IT Security News Daily Summary 2024-08-31 North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit Check your IP cameras: There’s a new Mirai botnet on the rise Espionage Concerns Arise from Newly Discovered Voldemort Malware Happy United States Labor Day Weekend 2024 / Feliz Fin de Semana del Día del Trabajo de Estados Unidos 2024 / Joyeux Fin de Semaine de la Fête du Travail aux États-Unis 2024 North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit Three Major Issues Family Offices Face With Private Market Data Choosing the Right Browser: Privacy Tips from Apple and Google New Voldemort Malware Uses Google Sheets to Target Key Sectors Globally Black Basta Cybersecurity Advisory: Endpoint Protection for Healthcare 4 Tips for Optimizing Your GRC Strategy Modern Strategies for IoT Device Fingerprinting Project Strawberry: Advancing AI with Q-learning, A* Algorithms, and Dual-Process Theory Full-Stack Security Guide: Best Practices and Challenges of Securing Modern Applications Taylor Swift Concert Terror Plot Was Thwarted by Key CIA Tip Missing Guardrails, a Troubling Trend in Data Protection Rocinante: The Trojan Horse That Wanted to Fly FBI: RansomHub Ransomware Breached 210 Victims Since February 2024 New Snake Keylogger Variant Slithers Into Phishing Campaigns Mastering AI & Cybersecurity: Navigating the Future – A Special Panel Discussion Wireshark 4.4.0 is now available, (Sat, Aug 31st) Godzilla Fileless Backdoors Targeting Atlassian Confluence Suspected Espionage Campaign Delivers New Voldemort Malware Operation DevilTiger: APT-Q-12’s Shadowy Tactics and Zero-Day Exploits Unveiled Key Takeaways from SiRAcon ’24:
Last Week in Security (LWiS) - 2024-08-26
Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. New Cheana Stealer Targets VPN Users Across Multiple Operating Systems - Don't feel too smug if you're a macOS or Linux user (arch btw) watching the constant stream of Windows malware, some threat actors are equal opportunity exploiters.
IT Security News Weekly Summary – Week 34
IT Security News Daily Summary 2024-08-25 Traderie – 364,898 breached accounts North Korea Exploited Windows Zero-Day Vulnerability to Install Fudmodule The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’ Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says Worried About Cash App Breach? These Three Steps Can Keep Your Financial Data Safe 16 Years of Cybercrime: The Story of Greasy Opal’s CAPTCHA Solver New Styx Stealer Malware Targets Browsers and Instant Messaging for Data Theft Sheltering From the Cyberattack Storm – Part Two Beyond CVSS: Advanced Vulnerability Prioritization Strategies for Modern Threats Dell Power Manager Privilege Escalation Vulnerability Progress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands Chrome Zero-day Vulnerability Actively Exploited in the Wild SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8 France police arrested Telegram CEO Pavel Durov U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures Telegram Founder Pavel Durov Reportedly Arrested in France IT Security News Daily Summary 2024-08-24 USENIX Security ’23 – TRust: A Compilation Framework For In-Process Isolation To Protect Safe Rust Against Untrusted Code Living with trust issues: The human side of zero trust architecture Hackers can take over Ecovacs home robots to spy on their owners PWA phishing on Android and iOS – Week in security with Tony Anscombe Misconfigured Access Controls in NetSuite Stores Cause Major Data Breach Cybercriminals Place 85-Year-Old Woman Under ‘Digital Arrest’ in Hyderabad, Cheat Her of ₹5.9 Crore Oil Giant Halliburton Hit by Cyberattack, Certain Systems Affected Cyble Research Reveals Near-Daily Surge in Supply Chain Attacks Unicoin’s Four-Day Cyberattack: Disruption, Recovery, and Ongoing Investigation The Limitations of Traditional Network-Based Vulnerability Scanning – And the Systematic Underestimation of Software Risks Cybersecurity Strategy: Understanding the Benefits of Continuous Threat Exposure Management Data Security Posture Management (DSPM) is an Important First Step in Deploying Gen AI and Copilot Tools Iranian Threat Actor TA453 Targets Jewish Figure with Fake Podcast Invite in Malicious Campaign Massive Data Breach Worsens as New Details Emerge Across US, UK, and Canada Protecting Your Wallet:
See 50 more articles and social media posts