CVE-2024-29995

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 16, 2024
CWE ID 208

Summary

CVE-2024-29995 is a newly disclosed Windows Kerberos Elevation of Privilege vulnerability. This issue allows an attacker to gain elevated privileges on a targeted system by manipulating the Kerberos authentication protocol. Successful exploitation results in the attacker having the ability to access sensitive data or install malware with administrative privileges. The vulnerability affects multiple Windows versions, and Microsoft has released a patch to address it. It is essential for organizations to apply the patch promptly to protect their systems from potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share