Lucene search
MicrosoftCVE-2024-38163HistoryAug 14, 2024 - 12:15 a.m.
CVE-2024-38163
2024-08-1400:15:07
CWE-284
microsoft
web.nvd.nist.gov
47
windows update stack
elevation of privilege
vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
17.0%
Windows Update Stack Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftwindows_server_2022Range10.0.0–10.0.22000.2710
Node
microsoftwindows_11_21h2Range10.0.0–10.0.22000.2710
Node
microsoftwindows_10_21h2Range10.0.0–10.0.19041.3920
Node
microsoftwindows_10_22h2Range10.0.0–10.0.19041.3920
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_22h2 | * | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.22000.2710:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.2710",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2710:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.2710",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19041.3920:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19041.3920:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19041.3920",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19041.3920:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19041.3920:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19041.3920",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mscve
mscve
Windows Update Stack Elevation of Privilege Vulnerability
2024-08-13 07:00:00
vulnrichment
vulnrichment
CVE-2024-38163 Windows Update Stack Elevation of Privilege Vulnerability
2024-08-13 23:23:36
nvd
nvd
CVE-2024-38163
2024-08-14 00:15:07
mskb
mskb
cvelist
cvelist
CVE-2024-38163 Windows Update Stack Elevation of Privilege Vulnerability
2024-08-13 23:23:36
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, August 2024 Security Update Review
2024-08-13 20:31:30
kaspersky
kaspersky
KLA71484 Multiple vulnerabilities in Microsoft Windows
2024-08-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2024
2024-08-13 23:36:30
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for CVE-2024-38163