Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Required
Privileges Required
Low
Attack Vector
Local
1

CVE-2024-38202

Disclosure Date: August 08, 2024
CVE-2024-38202 CVSS v3 Base Score: 7.3
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Summary
Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.
Microsoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note:Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems.
If there are any further updates regarding mitigations for this vulnerability, this CVE will be updated and customers will be notified. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert if an update occurs.
Details
A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.
Microsoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note:Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems.
If there are any… See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
7.3 High
Impact Score:
5.9
Exploitability Score:
1.3
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
Required
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Windows 10 Version 1809 10.0.17763.6414
Windows Server 2019 10.0.17763.6414
Windows Server 2019 (Server Core installation) 10.0.17763.6414
Windows Server 2022 10.0.20348..2762
Windows 11 version 21H2 10.0.22000.3260
Windows 10 Version 21H2 10.0.19044.5011
Windows 11 version 22H2 10.0.22621.4317
Windows 10 Version 22H2 10.0.19045.5011
Windows 11 version 22H3 10.0.22631.4317
Windows 11 Version 23H2 10.0.22631.4317
Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.1189
Windows 10 Version 1607 10.0.14393.7428
Windows Server 2016 10.0.14393.7428
Windows Server 2016 (Server Core installation) 10.0.14393.7428
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • microsoft

Products

  • windows 10 1607 -,
  • windows 10 1809 -,
  • windows 10 21h2 -,
  • windows 10 22h2 -,
  • windows 11 21h2 -,
  • windows 11 22h2 -,
  • windows 11 23h2 -,
  • windows server 2016 -,
  • windows server 2019 -,
  • windows server 2022 -,
  • windows server 2022 23h2 -

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis