CVE-2024-49084

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Dec 12, 2024
CWE ID 362

Summary

CVE-2024-49084 is a newly disclosed Windows Kernel vulnerability that grants attackers elevated privileges. By exploiting this EoP (Elevation of Privilege) flaw, an unprivileged user can gain administrative control over an affected system. The specific cause of the vulnerability has not been detailed, but it is recommended that all Windows users apply the forthcoming Microsoft patch as soon as it becomes available to mitigate the risk. This vulnerability poses a significant threat to organizations and individuals using unpatched Windows systems, potentially leading to data theft, unauthorized system access, and other malicious activities.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows Server 2008

Affected Vendors

  • Microsoft