VDB
CVE-2024-30078
CVE-2024-30078
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Diese werden von Microsoft nicht im Detail beschrieben. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
EPSS 25.00% · 96.3th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
25.00%
96.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Windows 10 Version 1809 | |
| Hitachi | Hitachi Storage | |
| Microsoft | Microsoft Windows 10 Version 21H2 | |
| Microsoft | Microsoft Windows Server 2022 | |
| Microsoft | Microsoft Windows Server 2019 | |
| Microsoft | Microsoft Windows Server 2008 SP2 | |
| Microsoft | Microsoft Windows 11 version 21H2 | |
| Microsoft | Microsoft Windows 10 Version 22H2 | |
| Microsoft | Microsoft Windows Server 2012 R2 | |
| Microsoft | Microsoft Windows Server 2008 R2 SP1 | |
| Microsoft | Microsoft Windows 11 Version 23H2 | |
| Microsoft | Microsoft Windows Server 2022 23H2 Edition | |
| Microsoft | Microsoft Windows Server 2012 | |
| Microsoft | Microsoft Windows 10 | |
| Microsoft | Microsoft Windows 10 Version 1607 | |
| Microsoft | Microsoft Windows 11 Version 22H2 | |
| Microsoft | Microsoft Windows Server 2016 |
Exploit Intelligence
- CIRCL seen: CVE-2024-30078 (circl-sighting)
- CIRCL seen: CVE-2024-30078 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-30078 (circl-sighting)
- CIRCL seen: CVE-2024-30078 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-30078 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-30078 (circl-sighting)
- CIRCL seen: CVE-2024-30078 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-30078 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-30078 (circl-sighting)
- CIRCL seen: CVE-2024-30078 (circl-sighting)
…and 38 more exploits
Timeline
- Jun 11, 2024 CVE Published
- Jun 12, 2024 EPSS Score
- Jun 15, 2024 PoC Published
- Jun 15, 2024 PoC Published
- Jun 16, 2024 PoC Published
- Jun 16, 2024 PoC Published
- Jun 16, 2024 PoC Published
- Jun 17, 2024 PoC Published
- Jun 17, 2024 PoC Published
- Jun 17, 2024 PoC Published
- Jun 17, 2024 PoC Published
- Jun 18, 2024 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1347.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1347 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://github.com/tykawaii98/CVE-2024-30088 advisory
- https://www.hitachi.com/products/it/storage-solutions/sec_info/2024/06.html advisory
- https://github.com/varwara/CVE-2024-35250 advisory
- https://github.com/Dor00tkit/CVE-2024-30090 advisory
- https://www.cisa.gov/news-events/alerts/2024/12/16/cisa-adds-two-known-exploited-vulnerabilities-catalog exploit
- https://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe/ advisory
- https://www.picussecurity.com/resource/blog/oilrig-exposed-tools-techniques-apt34 advisory