CVE-2024-38184

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 16, 2024
CWE ID 125

Summary

CVE-2024-38184 is a newly identified Windows Kernel-Mode Driver vulnerability. Hackers can exploit this Elevation of Privilege (EoP) weakness to elevate their user-level privileges to that of a system-level user. Once exploited, an attacker could gain unrestricted access to the system, enabling them to install malware, launch persistent attacks, or steal sensitive data. The vulnerability lies within a specific Kernel-Mode Driver, which is responsible for handling critical system functions. Microsoft is yet to release a patch to address this issue, leaving Windows users at risk until a fix becomes available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share