CVE-2024-38064

Use of Uninitialized Resource (CWE-908)

Published: Jul 9, 2024


Summary

A Windows TCP/IP Information Disclosure Vulnerability has been identified. This vulnerability is related to the use of an uninitialized resource which can lead to the exposure of sensitive information to an unauthorized actor. The vulnerability affects multiple versions of Windows operating systems, including Windows 10, Windows 11, and various Windows Server editions.

Impact

This vulnerability has a CVSS v3.1 base score of 7.5, which is considered HIGH severity. The attack vector is network-based, with low attack complexity and requires no user interaction or privileges. The primary impact is on confidentiality, with a HIGH confidentiality impact rating. There is no impact on integrity or availability. An attacker exploiting this vulnerability could potentially gain unauthorized access to sensitive information transmitted over TCP/IP networks on affected Windows systems.

Exploitation

There is no evidence that a public proof-of-concept exists, and there is no evidence that the vulnerability has been exploited at the moment.

Patch

A patch is available for this vulnerability. Microsoft has released updates to address this issue. The patch was added on July 9, 2024, and is available through the Microsoft Update Guide. Affected systems and their corresponding patch versions are:

Windows Server 2019: patch to version 10.0.17763.6054 or later
Windows Server 2022: patch to version 10.0.20348.2582 or later
Windows 10 21H2: patch to version 10.0.19044.4651 or later
Windows 10 1809: patch to version 10.0.17763.6054 or later
Windows Server 2022 23H2: patch to version 10.0.25398.1009 or later
Windows Server 2008 R2 SP1 and SP2: patch available (version not specified)
Windows Server 2012 and 2012 R2: patch available (version not specified)
Windows 10 1507: patch to version 10.0.10240.20710 or later
Windows 11 22H2: patch to version 10.0.22621.3880 or later
Windows 10 1607: patch to version 10.0.14393.7159 or later
Windows 11 21H2: patch to version 10.0.22000.3079 or later
Windows 11 23H2: patch to version 10.0.22631.3880 or later
Windows Server 2016: patch to version 10.0.14393.7159 or later
Windows 10 22H2: patch to version 10.0.19045.4651 or later
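As an added example that is not part of the advisory, the following PowerShell check reads the local build number and cumulative-update revision (UBR) from the registry and compares them with the minimum patched versions listed above. It assumes a Windows 10 / Windows Server 2016 or later host (the Server 2008/2012 entries give no version to compare against), and the function names are my own.

```powershell
# Added example, not Microsoft's or the advisory's code.
# Minimum patched versions for CVE-2024-38064, keyed on the build number
# (third version component). Builds shared by a client and a server SKU
# have the same patched version, so one entry covers both.
$MinimumPatched = @{
    10240 = '10.0.10240.20710'  # Windows 10 1507
    14393 = '10.0.14393.7159'   # Windows 10 1607 / Windows Server 2016
    17763 = '10.0.17763.6054'   # Windows 10 1809 / Windows Server 2019
    19044 = '10.0.19044.4651'   # Windows 10 21H2
    19045 = '10.0.19045.4651'   # Windows 10 22H2
    20348 = '10.0.20348.2582'   # Windows Server 2022
    22000 = '10.0.22000.3079'   # Windows 11 21H2
    22621 = '10.0.22621.3880'   # Windows 11 22H2
    22631 = '10.0.22631.3880'   # Windows 11 23H2
    25398 = '10.0.25398.1009'   # Windows Server 2022 23H2
}

function Get-LocalWindowsVersion {
    # Assumes Windows 10 / Server 2016 or later, where these values exist.
    # UBR is the revision installed by the latest cumulative update; it is
    # the fourth component of the versions in the patch table.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [version]("{0}.{1}.{2}.{3}" -f $cv.CurrentMajorVersionNumber,
        $cv.CurrentMinorVersionNumber, $cv.CurrentBuildNumber, $cv.UBR)
}

function Test-CVE202438064Patched {
    # Pass -Local '10.0.19045.4600' to evaluate a version collected elsewhere
    # (for example from inventory data) instead of the local machine.
    param([version]$Local = (Get-LocalWindowsVersion))

    if (-not $MinimumPatched.ContainsKey($Local.Build)) {
        return [pscustomobject]@{
            Local = $Local; Required = $null
            Status = 'Unknown build: check the Microsoft Update Guide'
        }
    }
    $required = [version]$MinimumPatched[$Local.Build]
    # [version] compares all four components, so a newer UBR on the same
    # build counts as patched.
    $status = if ($Local -ge $required) { 'Patched' } else { 'VULNERABLE' }
    [pscustomobject]@{ Local = $Local; Required = $required; Status = $status }
}

Test-CVE202438064Patched
```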

Mitigation

1. Apply the security updates provided by Microsoft as soon as possible to all affected systems.
2. Prioritize patching for internet-facing systems and critical infrastructure due to the network-based attack vector and high confidentiality impact.
3. Implement network segmentation and access controls to limit potential exposure.
4. Monitor network traffic for suspicious activities that may indicate attempted exploitation.
5. Keep all Windows systems and software up to date with the latest security patches.
6. Consider using intrusion detection/prevention systems (IDS/IPS) to detect and block potential exploitation attempts.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Timeline

Detection in Vulnerability Scanners (Jul 9, 2024 at 7:53 AM)
Detection for the vulnerability has been added to Qualys (92149)

CVSS (Jul 9, 2024 at 5:05 PM, source: microsoft)
A CVSS base score of 7.5 has been assigned.

CVE Assignment (Jul 9, 2024 at 5:15 PM)
NVD published the first details for CVE-2024-38064

First Article (Jul 9, 2024 at 5:24 PM, source: National Vulnerability Database)
Feedly found the first article mentioning CVE-2024-38064.

CVSS Estimate (Jul 9, 2024 at 6:53 PM)
Feedly estimated the CVSS score as MEDIUM

EPSS (Jul 10, 2024 at 10:14 AM)
EPSS Score was set to: 0.09% (Percentile: 37.4%)

Trending (Jul 12, 2024 at 9:32 AM)
This CVE started to trend in security discussions

Trending (Jul 12, 2024 at 10:08 AM)
This CVE stopped trending in security discussions

Affected Systems

Microsoft/windows_11_22h2

Patches

Microsoft

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: None
Availability Impact: None
