Home

Description

Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

PUBLISHED Reserved 2024-02-14 | Published 2024-03-12 | Updated 2025-05-03 | Assigner microsoft




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-20: Improper Input Validation

Product status

10.0.20348.0 (custom) before 10.0.20348.2340
affected

10.0.0 (custom) before 10.0.22000.2836
affected

10.0.19043.0 (custom) before 10.0.19044.4170
affected

10.0.22621.0 (custom) before 10.0.22621.3296
affected

10.0.19045.0 (custom) before 10.0.19045.4170
affected

10.0.22631.0 (custom) before 10.0.22631.3296
affected

10.0.22631.0 (custom) before 10.0.22631.3296
affected

10.0.25398.0 (custom) before 10.0.25398.763
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26170 (Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability) vendor-advisory

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26170 (Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability) vendor-advisory

cve.org (CVE-2024-26170)

nvd.nist.gov (CVE-2024-26170)