⚠ Actively exploited
Added to CISA KEV on 2024-12-16. Federal agencies required to patch by 2025-01-06. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2024-35250Untrusted Pointer Dereference in Microsoft Windows 10 Version 1507

CWE-822Untrusted Pointer DereferenceCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer17 documents13 sources
Severity
7.8HIGHNVD
EPSS
56.8%
top 1.86%
CISA KEV
KEV
Added 2024-12-16
Due 2025-01-06
Exploit
Exploited in wild
Active exploitation observed
Affected products
26
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+23 more
Timeline
PublishedJun 11
KEV addedDec 16
KEV dueJan 6
Latest updateAug 27
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages25 packages

NVDmicrosoft/windows< 10.0.14393.7070+4
NVDmicrosoft/windows_10_1507< 10.0.10240.20680
NVDmicrosoft/windows_10_1607< 10.0.14393.7070
NVDmicrosoft/windows_10_1809< 10.0.17763.5936
NVDmicrosoft/windows_10_21h2< 10.0.19044.4529

Patches

Patch: msrc.microsoft.comPatch: msrc.microsoft.com

🔴Vulnerability Details

3
CVEList
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability2024-06-11
GHSA
GHSA-98g3-x4rc-fj4g: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability2024-06-11
VulnCheck
Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability2024

💥Exploits & PoCs

1
Metasploit
Windows Access Mode Mismatch LPE in ks.sys

📋Vendor Advisories

2
CISA
Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability2024-12-16
Microsoft
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability2024-06-11

🕵️Threat Intelligence

10
Securelist
Vulnerability landscape analysis for Q2 20252025-08-27
Securelist
Vulnerability landscape analysis for Q1 20252025-05-30
Bleepingcomputer
Windows kernel bug now exploited in attacks to gain SYSTEM privileges2024-12-16
Trendmicro
The June 2024 Security Update Review2024-06-11
Qualys
Microsoft & Adobe June 2024 Patch Tuesday: Critical Updates & Fixes | Qualys2024-06-11
CVE-2024-35250 — Untrusted Pointer Dereference | cvebase