CVE-2024-21443

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Mar 12, 2024

Updated: Dec 27, 2024

CWE ID 416

Summary

CVE-2024-21443 is a newly disclosed Windows Kernel vulnerability that allows an attacker to elevate privileges. By exploiting this EoP (Elevation of Privilege) flaw, an unprivileged user can gain administrative control over an affected system. The vulnerability exists in the Windows Kernel and could potentially be leveraged through specially crafted software or malicious emails. Successful exploitation could lead to extensive damage, including data theft, system disruption, and the installation of malware. Microsoft is working on a patch to address this issue, and users are strongly encouraged to apply it as soon as it becomes available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database