CVE-2024-38256

EUVD-2024-37221
Windows Kernel-Mode Driver Information Disclosure Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
microsoftCNA
5.5 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10_1507
𝑥
< 10.0.10240.20766
microsoftwindows_10_1507
𝑥
< 10.0.10240.20766
microsoftwindows_10_1607
𝑥
< 10.0.14393.7336
microsoftwindows_10_1607
𝑥
< 10.0.14393.7336
microsoftwindows_10_1809
𝑥
< 10.0.17763.6293
microsoftwindows_10_21h1
𝑥
< 10.0.19044.4894
microsoftwindows_10_22h2
𝑥
< 10.0.19041.4894
microsoftwindows_10_22h2
𝑥
< 10.0.19045.4894
microsoftwindows_10_22h2
𝑥
< 10.0.19045.4894
microsoftwindows_server_2008
-
microsoftwindows_server_2008
-
microsoftwindows_server_2012
-
microsoftwindows_server_2016
𝑥
< 10.0.14393.7336
microsoftwindows_server_2019
𝑥
< 10.0.17763.6293
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB5043083
1607 (x64, x86)
KB5043051
1809 (x64, x86)
KB5043050
21H2 (arm64, x64, x86)
KB5043064
22H2 (arm64, x64, x86)
KB5043064
Windows Server 2008
Service Pack 2 (x64, x86)
KB5043135
Service Pack 2 Server Core (x64, x86)
KB5043135
Windows Server 2008 R2
Service Pack 1 (x64)
KB5043129
Service Pack 1 Server Core (x64)
KB5043129
Windows Server 2012
Server Core
KB5043125
Standard
KB5043125
Windows Server 2012 R2
Server Core
KB5043138
Standard
KB5043138
Windows Server 2016
Server Core
KB5043051
Standard
KB5043051
Windows Server 2019
Server Core
KB5043050
Standard
KB5043050
Common Weakness Enumeration
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38256