CVE-2024-49095

CVSS 3.1 Score 7 of 10 (high)

Details

Published Dec 12, 2024
CWE ID 415
CWE ID 591

Summary

CVE-2024-49095 is a newly disclosed vulnerability affecting the Windows PrintWorkflowUserSvc service. This elevation of privilege issue allows an attacker to gain higher system privileges by exploiting a flaw in the service's handling of specially crafted input. Successful exploitation could result in the attacker gaining unauthorized access to sensitive data or installing malware on the affected system. Users are advised to update their systems with the latest Microsoft patches as soon as they become available to mitigate this risk. This vulnerability is significant because it could impact any Windows system running the affected PrintWorkflowUserSvc service, potentially putting a large number of organizations at risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows
  • Microsoft Windows 11
  • Microsoft Windows Server

Affected Vendors

  • Microsoft