Use of Uninitialized Resource (CWE-908)
Windows Kernel-Mode Driver Information Disclosure Vulnerability. This is a local vulnerability with a low attack complexity that requires low privileges and no user interaction. It has a high impact on confidentiality but no impact on integrity or availability.
This vulnerability could allow an attacker with low privileges to gain unauthorized access to sensitive information within the Windows Kernel-Mode Driver. The attack is limited to local access, meaning the attacker would need some level of access to the target system. While the confidentiality impact is high, there is no direct impact on the integrity or availability of the system.
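The following is an added illustration of the CWE-908 pattern behind this class of bug; it is not code from Microsoft or from the affected driver. It is a constructed, user-mode C simulation of a driver query handler that copies a partially initialized structure back to its caller, alongside the zeroing fix and a small audit helper that counts bytes still carrying the stale-memory pattern. The struct layout, the 0xAA "previous contents" pattern and the handler names are assumptions made for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed response layout (assumption): a driver answers a query with
 * this struct. The compiler padding after `flags` and the `reserved` field
 * are never written by the vulnerable handler, so whatever the allocation
 * held before is copied to the caller. */
struct dev_info {
    uint32_t version;
    uint8_t  flags;
    /* padding bytes here on common ABIs */
    uint64_t serial;
    uint8_t  reserved[16];
};

/* Number of bytes the handlers explicitly write (version + flags + serial). */
#define WRITTEN_BYTES (sizeof(uint32_t) + sizeof(uint8_t) + sizeof(uint64_t))

#define STALE_BYTE 0xAA  /* simulated previous contents of the allocation */

/* Simulated kernel pool block that previously held other data; the union
 * keeps the storage correctly aligned for the struct. */
static union {
    struct dev_info s;
    unsigned char raw[sizeof(struct dev_info)];
} pool;

static struct dev_info *pool_alloc_stale(void) {
    memset(pool.raw, STALE_BYTE, sizeof pool.raw);
    return &pool.s;
}

/* Vulnerable handler: populates only the fields it knows about and copies
 * the whole object out, leaking padding and reserved bytes. */
size_t handle_query_vulnerable(unsigned char *user_buf, size_t user_len) {
    if (user_buf == NULL || user_len < sizeof(struct dev_info)) return 0;
    struct dev_info *out = pool_alloc_stale();
    out->version = 0x00010002u;
    out->flags = 0x01;
    out->serial = 0x1122334455667788ULL;
    memcpy(user_buf, out, sizeof *out);
    return sizeof *out;
}

/* Fixed handler: zero the entire object before populating it (the
 * equivalent of RtlZeroMemory on the output structure). */
size_t handle_query_fixed(unsigned char *user_buf, size_t user_len) {
    if (user_buf == NULL || user_len < sizeof(struct dev_info)) return 0;
    struct dev_info *out = pool_alloc_stale();
    memset(out, 0, sizeof *out);
    out->version = 0x00010002u;
    out->flags = 0x01;
    out->serial = 0x1122334455667788ULL;
    memcpy(user_buf, out, sizeof *out);
    return sizeof *out;
}

/* Audit helper: count bytes in the returned buffer that still carry the
 * stale pattern, i.e. were never initialized by the handler. */
size_t count_stale_bytes(const unsigned char *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] == STALE_BYTE) n++;
    }
    return n;
}

size_t leaked_bytes_vulnerable(void) {
    unsigned char buf[sizeof(struct dev_info)];
    size_t n = handle_query_vulnerable(buf, sizeof buf);
    return count_stale_bytes(buf, n);
}

size_t leaked_bytes_fixed(void) {
    unsigned char buf[sizeof(struct dev_info)];
    size_t n = handle_query_fixed(buf, sizeof buf);
    return count_stale_bytes(buf, n);
}

int main(void) {
    printf("struct size: %zu bytes\n", sizeof(struct dev_info));
    printf("vulnerable handler leaks %zu uninitialized bytes\n", leaked_bytes_vulnerable());
    printf("fixed handler leaks %zu uninitialized bytes\n", leaked_bytes_fixed());
    return 0;
}
```

The vulnerable path leaks every byte the handler did not explicitly write, which is the struct size minus the 13 bytes of named fields it fills; the fixed path leaks none. A defender reviewing driver code looks for exactly this shape: an output structure copied to the caller in full while only some of its fields are assigned, with padding and reserved fields left to whatever the allocation held.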
There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.
A patch is available. Microsoft released an official fix for this vulnerability on September 10, 2024.
1. Apply the official patch released by Microsoft as soon as possible.
2. Limit local access to systems, especially for low-privileged users.
3. Implement the principle of least privilege to minimize the potential impact of this vulnerability.
4. Monitor for any unusual activities or access attempts related to the Windows Kernel-Mode Driver.
5. Keep systems and software up to date with the latest security patches.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Detection for the vulnerability has been added to Qualys (92169)
Feedly found the first article mentioning CVE-2024-38256.
NVD published the first details for CVE-2024-38256
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.04% (Percentile: 9.6%)
EPSS Score was set to: 0.05% (Percentile: 19%)