CVE-2024-38134

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 15, 2024
CWE ID 125

Summary

CVE-2024-38134 is an elevation of privilege vulnerability affecting the Kernel Streaming WOW Thunk Service Driver. An attacker who successfully exploits this vulnerability can gain elevated system privileges, potentially leading to significant security implications. The driver in question is responsible for handling data streams in the Windows Operating System. The exact cause of the vulnerability is not yet disclosed, but it is recommended that affected systems be patched as soon as possible to mitigate potential risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows
  • Microsoft Windows 11
  • Microsoft Windows Server 2008

Affected Vendors

  • Microsoft