CVE-2024-20686 — Sensitive Data Storage in Improperly Locked Memory in Windows Server 2022 23h2 Edition

CWE-591 — Sensitive Data Storage in Improperly Locked Memory10 documents6 sources

Severity

7.8HIGHCNA

No vector

EPSS

0.1%

top 71.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

1

Msrc Windows Server 2022 23h2 Edition

Timeline

PublishedJan 9

Description

Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

Affected Packages1 packages

▶msrcmsrc/windows_server_2022_23h2_edition

🔴Vulnerability Details

1

CVEList

Win32k Elevation of Privilege Vulnerability↗2024-01-09

▶

📋Vendor Advisories

1

Microsoft

Win32k Elevation of Privilege Vulnerability↗2024-01-09

▶

🕵️Threat Intelligence

8

Qualys

Microsoft and Adobe Patch Tuesday, January 2024 Security Update Review↗2024-01-09

▶

Trendmicro

The January 2024 Security Update Review↗2024-01-09

▶

Trendmicro

The January 2024 Security Update Review↗2024-01-09

▶

Trendmicro

The January 2024 Security Update Review↗2024-01-09

▶

Bleepingcomputer

Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs↗2024-01-09

▶