Microsoft Windows 11 Version 23H2 vulnerabilities
1,506 known vulnerabilities affecting microsoft/windows_11_version_23h2.
Total CVEs
1,506
CISA KEV
58
actively exploited
Public exploits
24
Exploited in wild
30
Severity breakdown
CRITICAL18HIGH1051MEDIUM430LOW7
Vulnerabilities
Page 58 of 76
CVE-2024-38202HIGHCVSS 7.3≥ 10.0.22631.0, < 10.0.22631.43172024-08-08
CVE-2024-38202 [HIGH] CWE-284 CVE-2024-38202: Summary
Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update
Summary
Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires
nvd
CVE-2024-21302MEDIUMCVSS 6.7≥ 10.0.22631.0, < 10.0.22631.51892024-08-08
CVE-2024-21302 [MEDIUM] CWE-284 CVE-2024-21302: Summary:
As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See K
Summary:
As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerability.
An elevation of privilege vulnerability exis
nvd
CVE-2024-21417HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-10
CVE-2024-21417 [HIGH] CWE-862 CVE-2024-21417: Windows Text Services Framework Elevation of Privilege Vulnerability
Windows Text Services Framework Elevation of Privilege Vulnerability
nvd
CVE-2024-38022HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38022 [HIGH] CWE-59 CVE-2024-38022: Windows Image Acquisition Elevation of Privilege Vulnerability
Windows Image Acquisition Elevation of Privilege Vulnerability
nvd
CVE-2024-37969HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-37969 [HIGH] CWE-822 Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
cvelistv5
CVE-2024-38052HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38052 [HIGH] CWE-20 CVE-2024-38052: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-38064HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38064 [HIGH] CWE-908 CVE-2024-38064: Windows TCP/IP Information Disclosure Vulnerability
Windows TCP/IP Information Disclosure Vulnerability
nvd
CVE-2024-38033HIGHCVSS 7.3≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38033 [HIGH] CWE-20 PowerShell Elevation of Privilege Vulnerability
PowerShell Elevation of Privilege Vulnerability
PowerShell Elevation of Privilege Vulnerability
cvelistv5
CVE-2024-38032HIGHCVSS 7.1≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38032 [HIGH] CWE-122 CVE-2024-38032: Microsoft Xbox Remote Code Execution Vulnerability
Microsoft Xbox Remote Code Execution Vulnerability
nvd
CVE-2024-38079HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38079 [HIGH] CWE-122 CVE-2024-38079: Windows Graphics Component Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
nvd
CVE-2024-37974HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-37974 [HIGH] CWE-191 Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
cvelistv5
CVE-2024-30081HIGHCVSS 7.1≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-30081 [HIGH] CWE-200 Windows NTLM Spoofing Vulnerability
Windows NTLM Spoofing Vulnerability
Windows NTLM Spoofing Vulnerability
cvelistv5
CVE-2024-38019HIGHCVSS 7.2≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38019 [HIGH] CWE-190 CVE-2024-38019: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
nvd
CVE-2024-38034HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38034 [HIGH] CWE-190 CVE-2024-38034: Windows Filtering Platform Elevation of Privilege Vulnerability
Windows Filtering Platform Elevation of Privilege Vulnerability
nvd
CVE-2024-38057HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38057 [HIGH] CWE-125 CVE-2024-38057: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-38028HIGHCVSS 7.2≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38028 [HIGH] CWE-125 CVE-2024-38028: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
nvd
CVE-2024-38091HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38091 [HIGH] CWE-166 CVE-2024-38091: Microsoft WS-Discovery Denial of Service Vulnerability
Microsoft WS-Discovery Denial of Service Vulnerability
nvd
CVE-2024-37972HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-37972 [HIGH] CWE-121 Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
cvelistv5
CVE-2024-37989HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-37989 [HIGH] CWE-130 Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
cvelistv5
CVE-2024-28899HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-28899 [HIGH] CWE-121 Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
cvelistv5