CVE-2026-24288
published 2026-03-10CVE-2026-24288: Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack.
medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_21h2 | < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_22h2 | < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.7058 | 10.0.19045.7058 |
| msrc | windows_10_version_21h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |