CVE-2024-43634

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Nov 12, 2024

Updated: Nov 13, 2024

CWE ID 125

Summary

CVE-2024-43634 is a newly disclosed vulnerability affecting the Windows USB Video Class System Driver. This issue grants an attacker local elevation of privileges, allowing them to gain administrative access to a system by exploiting a flaw in the driver. Successful exploitation could result in significant harm, including data theft, unauthorized system modifications, or the installation of malware. Users are encouraged to install the latest security updates from Microsoft to mitigate this risk. This vulnerability, identified as CVE-2024-43634, targets the Windows USB Video Class System Driver. Attackers who successfully exploit this flaw can elevate their privileges, gaining local administrative access to the system. This could potentially lead to severe consequences, including data theft, unauthorized system modifications, and malware installation. Microsoft urges users to install the latest security updates to safeguard their systems against this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Microsoft Windows
Microsoft Windows 11
Microsoft Windows Server 2008

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Know What Matters

For Customers

For Partners