CVE-2024-6769 – Medium to High Integrity Privilege Escalation in Microsoft Windows
https://notcve.org/view.php?id=CVE-2024-6769
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. • https://github.com/fortra/CVE-2024-6769 https://www.fortra.com/security/advisories/research/fr-2024-002 • CWE-426: Untrusted Search Path •
CVE-2024-6768 – Denial of Service in CLFS.sys
https://notcve.org/view.php?id=CVE-2024-6768
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. • https://github.com/fortra/CVE-2024-6768 https://www.fortra.com/security/advisories/research/fr-2024-001 • CWE-1284: Improper Validation of Specified Quantity in Input •