⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-05-04.
CVE-2022-24521
Severity
7.8HIGH
EPSS
8.2%
top 7.78%
CISA KEV
KEVRansomware
Added 2022-04-13
Due 2022-05-04
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
KEV addedApr 13
PublishedApr 15
KEV dueMay 4
Latest updateDec 21
CISA Required Action: Apply updates per vendor instructions.
Description
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages34 packages
Patches
🔴Vulnerability Details
4📋Vendor Advisories
2🕵️Threat Intelligence
7Securelist▶
Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)↗2023-12-21
Securelist▶
Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)↗2023-12-21
Securelist▶
Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)↗2023-12-21