CVE-2024-38127

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 16, 2024
CWE ID 126

Summary

CVE-2024-38127 is a newly disclosed vulnerability affecting Microsoft Hyper-V, an essential component of Windows for creating virtual machines. This elevation of privilege vulnerability allows unprivileged users to gain administrative control over the Hyper-V host machine, potentially leading to significant security risks. Successful exploitation of this vulnerability could enable attackers to install malware, modify system configurations, or access sensitive data. Mitigation measures include applying the latest Hyper-V security updates, implementing access control policies, and regularly monitoring for unauthorized access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows
  • Microsoft Windows 11
  • Microsoft Windows Server 2008

Affected Vendors

  • Microsoft