Informazioni sul CVE-2024-38202
Windows Update Stack Elevation of Privilege Vulnerability
CWE ID: CWE-284
Base Score (CVSS): N/A
CVE: CVE-2024-38202
Descrizione: Summary Microsoft was notified of a privilege elevation vulnerability in Windows Update, potentially allowing an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or bypass certain features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to succeed. Microsoft has developed a security update to mitigate this threat, which was released on October 08, 2024, and is available in the Security Updates table for customers to download. Note: Depending on your Windows version, additional steps may be needed to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce risks and protect systems. If there are any further updates regarding mitigations for this vulnerability, this CVE will be updated and customers will be notified. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert if an update occurs. Details A security researcher informed Microsoft of a privilege elevation vulnerability in Windows Update potentially allowing an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or bypass certain features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore, inadvertently triggering the vulnerability. Microsoft has developed a security update to mitigate this threat, which was released on October 08, 2024, and is available in the Security Updates table for customers to download. Note: Depending on your Windows version, additional steps may be needed to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce risks and protect systems. If there are any further… See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202
Vettore di attacco CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: Accesso: Local, Privilegi: Low, Interazione utente: Required, Confidenzialità: High, Integrità: High, Disponibilità: High.
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|---|---|---|
| Attack Vector (AV) | L | Local | L’attaccante deve avere accesso locale al sistema. |
| Attack Complexity (AC) | L | Low | L’attacco non richiede condizioni particolari. |
| Privileges Required (PR) | L | Low | Richiede pochi privilegi. |
| User Interaction (UI) | R | Required | È richiesta l’interazione di un utente. |
| Scope (S) | U | Unchanged | Il raggio d’azione non cambia. |
| Confidentiality Impact (C) | H | High | Grave impatto sulla riservatezza. |
| Integrity Impact (I) | H | High | Grave impatto sull’integrità. |
| Availability Impact (A) | H | High | Rende il sistema inutilizzabile. |
| Exploit Code Maturity (E) | P | Proof-of-Concept | Esistono PoC. |
| Remediation Level (RL) | U | Unavailable | Nessuna soluzione nota. |
| Report Confidence (RC) | C | Confirmed | Confermata ufficialmente. |
Riferimenti esterni
Prodotti interessati
- Microsoft – Windows 10 Version 1809
- Microsoft – Windows Server 2019
- Microsoft – Windows Server 2019 (Server Core installation)
- Microsoft – Windows Server 2022
- Microsoft – Windows 11 version 21H2
- Microsoft – Windows 10 Version 21H2
- Microsoft – Windows 11 version 22H2
- Microsoft – Windows 10 Version 22H2
- Microsoft – Windows 11 version 22H3
- Microsoft – Windows 11 Version 23H2
- Microsoft – Windows Server 2022, 23H2 Edition (Server Core installation)
- Microsoft – Windows 10 Version 1607
- Microsoft – Windows Server 2016
- Microsoft – Windows Server 2016 (Server Core installation)
Relazioni con altri prodotti
Produttore:Microsoft
Prodotto: Windows 10 Version 1809
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows Server 2019
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows Server 2019 (Server Core installation)
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows Server 2022
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 11 version 21H2
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 10 Version 21H2
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 11 version 22H2
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 10 Version 22H2
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 11 version 22H3
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 11 Version 23H2
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: 23H2 Edition (Server Core installation)
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows 10 Version 1607
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows Server 2016
Anno: 2024
CWE: CWE-284
CVSS: 0.0
Produttore:Microsoft
Prodotto: Windows Server 2016 (Server Core installation)
Anno: 2024
CWE: CWE-284
CVSS: 0.0