CVE-2024-38160Heap-based Buffer Overflow in Microsoft Windows 10 Version 1607

CWE-122Heap-based Buffer Overflow12 documents8 sources
Severity
9.1CRITICALNVD
EPSS
3.0%
top 13.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Microsoft Windows 10 Version 1607Microsoft Windows Server 2016Microsoft Windows 10 1607+3 more
Timeline
PublishedAug 13

Description

Windows Network Virtualization Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages7 packages

NVDmicrosoft/windows< 10.0.14393.7259
NVDmicrosoft/windows_10_1607< 10.0.14393.7259
CVEListV5microsoft/windows_server_201610.0.14393.010.0.14393.7259
CVEListV5microsoft/windows_10_version_160710.0.14393.010.0.14393.7259

Patches

Patch: msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-356h-6p87-pgw2: Windows Network Virtualization Remote Code Execution Vulnerability2024-08-13

📋Vendor Advisories

1
Microsoft
Windows Network Virtualization Remote Code Execution Vulnerability2024-08-13

🕵️Threat Intelligence

9
Trendmicro
The August 2024 Security Update Review2024-08-13
Talos
Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed2024-08-13
Qualys
Microsoft and Adobe Patch Tuesday, August 2024 Security Update Review2024-08-13
Qualys
Microsoft & Adobe August 2024 Patch Tuesday Updates | Qualys2024-08-13
Bleepingcomputer
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited2024-08-13
CVE-2024-38160 — Heap-based Buffer Overflow | cvebase