Description
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Reserved 2024-05-14 | Published 2024-06-11 | Updated 2024-12-31 | Assigner
microsoftHIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CISA Known Exploited Vulnerability
Date added 2024-12-16 | Due date 2025-01-06
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Problem types
CWE-822: Untrusted Pointer Dereference
Product status
10.0.17763.0 before 10.0.17763.5936
affected
10.0.0 before 10.0.17763.5936
affected
10.0.17763.0 before 10.0.17763.5936
affected
10.0.17763.0 before 10.0.17763.5936
affected
10.0.20348.0 before 10.0.20348.2527
affected
10.0.0 before 10.0.22000.3019
affected
10.0.19043.0 before 10.0.19044.4529
affected
10.0.22621.0 before 10.0.22621.3737
affected
10.0.19045.0 before 10.0.19045.4529
affected
10.0.22631.0 before 10.0.22631.3737
affected
10.0.22631.0 before 10.0.22631.3737
affected
10.0.25398.0 before 10.0.25398.950
affected
10.0.10240.0 before 10.0.10240.20680
affected
10.0.14393.0 before 10.0.14393.7070
affected
10.0.14393.0 before 10.0.14393.7070
affected
10.0.14393.0 before 10.0.14393.7070
affected
6.0.6003.0 before 6.0.6003.22720
affected
6.0.6003.0 before 6.0.6003.22720
affected
6.0.6003.0 before 6.0.6003.22720
affected
6.1.7601.0 before 6.1.7601.27170
affected
6.1.7601.0 before 6.1.7601.27170
affected
6.2.9200.0 before 6.2.9200.24919
affected
6.2.9200.0 before 6.2.9200.24919
affected
6.3.9600.0 before 6.3.9600.22023
affected
6.3.9600.0 before 6.3.9600.22023
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability) vendor-advisory
cve.org (CVE-2024-35250)
nvd.nist.gov (CVE-2024-35250)
Download JSON