CVE-2024-21315

EUVD-2024-19028
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
7.8 HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
microsoftdefender_for_endpoint
𝑥
< 10.0.25398.531
microsoftdefender_for_endpoint
𝑥
< 10.0.19045.3693
microsoftdefender_for_endpoint
𝑥
< 10.0.22621.2715
microsoftdefender_for_endpoint
𝑥
< 6.3.9600.21813
microsoftdefender_for_endpoint
𝑥
< 10.0.14393.6452
microsoftdefender_for_endpoint
𝑥
< 6.2.9200.24710
microsoftdefender_for_endpoint
𝑥
< 10.0.19045.3693
microsoftdefender_for_endpoint
𝑥
< 10.0.22621.2715
microsoftdefender_for_endpoint
𝑥
< 10.0.10240.20308
microsoftdefender_for_endpoint
𝑥
< 10.0.19043.3693
microsoftdefender_for_endpoint
𝑥
< 10.0.22000.2600
microsoftdefender_for_endpoint
𝑥
< 6.2.9200.24569
microsoftdefender_for_endpoint
𝑥
< 10.0.20348.2113
microsoftdefender_for_endpoint
𝑥
< 10.0.17763.5122
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB5032199
1607 (x64, x86)
KB5032197
1809 (arm64, x64, x86)
KB5032196
21H2 (arm64, x64, x86)
KB5032189
22H2 (arm64, x64, x86)
KB5032189
Windows 11
21H2 (arm64, x64)
KB5032192
22H2 (arm64, x64)
KB5032190
23H2 (arm64, x64)
KB5032190
Windows Server 2012
Server Core
KB5034830
Standard
KB5034830
Windows Server 2012 R2
Server Core
KB5034819
Standard
KB5034819
Windows Server 2016
Server Core
KB5032197
Standard
KB5032197
Windows Server 2019
Server Core
KB5032196
Standard
KB5032196
Windows Server 2022
23H2 Server Core
KB5032202
Server Core
KB5032247
Standard
KB5032198
Common Weakness Enumeration
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21315
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21315