CVE-2024-21320 | THREATINT

Home

Description

Windows Themes Spoofing Vulnerability

PUBLISHED Reserved 2023-12-08 | Published 2024-01-09 | Updated 2025-09-15 | Assigner microsoft

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Problem types

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Product status

10.0.17763.0 (custom) before 10.0.17763.5329

affected

10.0.0 (custom) before 10.0.17763.5329

affected

10.0.17763.0 (custom) before 10.0.17763.5329

affected

10.0.17763.0 (custom) before 10.0.17763.5329

affected

10.0.20348.0 (custom) before 10.0.20348.2227

affected

10.0.0 (custom) before 10.0.22000.2713

affected

10.0.19043.0 (custom) before 10.0.19044.3930

affected

10.0.22621.0 (custom) before 10.0.22621.3007

affected

10.0.19045.0 (custom) before 10.0.19045.3930

affected

10.0.22631.0 (custom) before 10.0.22631.3007

affected

10.0.22631.0 (custom) before 10.0.22631.3007

affected

10.0.10240.0 (custom) before 10.0.10240.20402

affected

10.0.14393.0 (custom) before 10.0.14393.6614

affected

10.0.14393.0 (custom) before 10.0.14393.6614

affected

10.0.14393.0 (custom) before 10.0.14393.6614

affected

6.2.9200.0 (custom) before 6.2.9200.24664

affected

6.2.9200.0 (custom) before 6.2.9200.24664

affected

6.3.9600.0 (custom) before 6.3.9600.21765

affected

6.3.9600.0 (custom) before 6.3.9600.21765

affected

References

www.vicarius.io/...ipt-windows-themes-spoofing-vulnerability

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21320 (Windows Themes Spoofing Vulnerability) vendor-advisory

cve.org (CVE-2024-21320)

nvd.nist.gov (CVE-2024-21320)

Download JSON

help @ threatint.eu