CVE-2024-30085
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Vulnerabilidad de elevaciĆ³n de privilegios del controlador del minifiltro de archivos en la nube de Windows
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the cldflt kernel driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-03-22 CVE Reserved
- 2024-06-11 CVE Published
- 2024-06-22 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30085 | 2024-06-21 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Windows 10 1809 Search vendor "Microsoft" for product "Windows 10 1809" | < 10.0.17763.5936 Search vendor "Microsoft" for product "Windows 10 1809" and version " < 10.0.17763.5936" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 10 21h2 Search vendor "Microsoft" for product "Windows 10 21h2" | < 10.0.19044.4529 Search vendor "Microsoft" for product "Windows 10 21h2" and version " < 10.0.19044.4529" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 10 22h2 Search vendor "Microsoft" for product "Windows 10 22h2" | < 10.0.19045.4529 Search vendor "Microsoft" for product "Windows 10 22h2" and version " < 10.0.19045.4529" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 11 21h2 Search vendor "Microsoft" for product "Windows 11 21h2" | < 10.0.22000.3019 Search vendor "Microsoft" for product "Windows 11 21h2" and version " < 10.0.22000.3019" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 11 22h2 Search vendor "Microsoft" for product "Windows 11 22h2" | < 10.0.22621.3737 Search vendor "Microsoft" for product "Windows 11 22h2" and version " < 10.0.22621.3737" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 11 23h2 Search vendor "Microsoft" for product "Windows 11 23h2" | < 10.0.22631.3737 Search vendor "Microsoft" for product "Windows 11 23h2" and version " < 10.0.22631.3737" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2019 Search vendor "Microsoft" for product "Windows Server 2019" | < 10.0.17763.5936 Search vendor "Microsoft" for product "Windows Server 2019" and version " < 10.0.17763.5936" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2022 Search vendor "Microsoft" for product "Windows Server 2022" | < 10.0.20348.2522 Search vendor "Microsoft" for product "Windows Server 2022" and version " < 10.0.20348.2522" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2022 23h2 Search vendor "Microsoft" for product "Windows Server 2022 23h2" | < 10.0.25398.950 Search vendor "Microsoft" for product "Windows Server 2022 23h2" and version " < 10.0.25398.950" | - |
Affected
|