Heap-based Buffer Overflow (CWE-122)
A Secure Boot Security Feature Bypass Vulnerability has been identified in various versions of Microsoft Windows. This vulnerability is classified as a Heap-based Buffer Overflow and Out-of-bounds Write issue. It affects multiple Windows versions including Windows 10 (versions 1507, 1607, 1809, 21H2, 22H2), Windows 11 (versions 21H2, 22H2, 23H2), and Windows Server (2012, 2016, 2019, 2022, 2022 23H2).
The vulnerability has a high severity rating with a CVSS v3.1 base score of 6.8. If exploited, this vulnerability could lead to a bypass of the Secure Boot security feature, potentially compromising the integrity, confidentiality, and availability of the affected systems. The attack vector is physical, requiring no user interaction and no privileges, but with a low attack complexity. This suggests that an attacker with physical access to the device could potentially exploit this vulnerability relatively easily.
There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.
A patch for this vulnerability is available. Microsoft released updates to address this issue on July 9, 2024. Security teams should prioritize applying these patches to all affected Windows systems.
To mitigate this vulnerability: 1. Apply the security updates provided by Microsoft as soon as possible to all affected Windows systems. 2. Prioritize patching based on the criticality of the systems and their exposure to potential physical access by unauthorized individuals. 3. Implement strict physical security measures to limit access to vulnerable systems, especially those that cannot be immediately patched. 4. Monitor for any suspicious activities or unauthorized physical access attempts to systems. 5. Consider disabling Secure Boot temporarily if patching is not immediately possible, but be aware this may introduce other security risks. 6. Ensure that all Windows systems are kept up-to-date with the latest security patches as part of ongoing security maintenance.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 6.8 has been assigned.
NVD published the first details for CVE-2024-38065
Feedly found the first article mentioning CVE-2024-38065. See article
Feedly estimated the CVSS score as HIGH
EPSS Score was set to: 0.05% (Percentile: 21.9%)
This CVE started to trend in security discussions
This CVE stopped trending in security discussions