Improper Verification of Cryptographic Signature (CWE-347)
A Windows Enroll Engine Security Feature Bypass Vulnerability has been identified. This vulnerability is associated with improper verification of cryptographic signatures (CWE-347). It affects multiple versions of Windows, including Windows Server 2019, 2022, 2016, Windows 10 (various versions), and Windows 11 (various versions).
The vulnerability has a high severity rating with a CVSS v3.1 base score of 7.0. If exploited, it could lead to high impacts on confidentiality, integrity, and availability of the affected systems. The attack vector is local, requiring low privileges and no user interaction, but with high attack complexity. This suggests that while the vulnerability is serious, it may be somewhat challenging to exploit. Given the nature of a security feature bypass in the Windows Enroll Engine, successful exploitation could potentially allow an attacker to circumvent security measures, potentially leading to unauthorized access, data manipulation, or system compromise.
There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.
A patch is available for this vulnerability. Microsoft released updates to address this issue on July 9, 2024. The patch is available through the Microsoft Update Guide.
1. Apply the security updates provided by Microsoft as soon as possible to all affected Windows systems. 2. Prioritize patching for systems that are more likely to be targeted or those that handle sensitive information. 3. Implement the principle of least privilege to minimize the potential impact if the vulnerability is exploited. 4. Monitor for any unusual activities or unauthorized changes in system configurations, especially those related to certificate validation or cryptographic signatures. 5. Keep all Windows systems and software up to date with the latest security patches as part of ongoing maintenance. 6. Consider implementing additional security measures such as network segmentation and endpoint detection and response (EDR) solutions to help detect and prevent potential exploitation attempts.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 7 has been assigned.
NVD published the first details for CVE-2024-38069
Feedly found the first article mentioning CVE-2024-38069. See article
Feedly estimated the CVSS score as HIGH
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.04% (Percentile: 9.2%)
This CVE started to trend in security discussions
This CVE stopped trending in security discussions