cbcvebase.
CVE-2024-38246
published 2024-09-10

CVE-2024-38246: Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
EPSS
0.57%
42.5th percentile
Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

Affected

24 ranges
VendorProductVersion rangeFixed in
microsoftwindows_10_version_21h2>= 10.0.19043.0 < 10.0.19044.489410.0.19044.4894
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.489410.0.19045.4894
microsoftwindows_11_version_21h2>= 10.0.0 < 10.0.22000.319710.0.22000.3197
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.416910.0.22621.4169
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.416910.0.22631.4169
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.416910.0.22631.4169
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.174210.0.26100.1742
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.270010.0.20348.2700
msrcwindows_10_version_21h2_for_32-bit_systems
msrcwindows_10_version_21h2_for_arm64-based_systems
msrcwindows_10_version_21h2_for_x64-based_systems
msrcwindows_10_version_22h2_for_32-bit_systems
msrcwindows_10_version_22h2_for_arm64-based_systems
msrcwindows_10_version_22h2_for_x64-based_systems
msrcwindows_11_version_21h2_for_arm64-based_systems
msrcwindows_11_version_21h2_for_x64-based_systems
msrcwindows_11_version_22h2_for_arm64-based_systems
msrcwindows_11_version_22h2_for_x64-based_systems
msrcwindows_11_version_23h2_for_arm64-based_systems
msrcwindows_11_version_23h2_for_x64-based_systems
msrcwindows_11_version_24h2_for_arm64-based_systems
msrcwindows_11_version_24h2_for_x64-based_systems
msrcwindows_server_2022
msrcwindows_server_2022_23h2_edition

CVSS provenance

nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
cvelistv57.0HIGH
vendor_msrc7.0HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.