CVE-2024-30088

June 11, 2024, 5:15 p.m.

7.0
Medium

Description

Windows Kernel Elevation of Privilege Vulnerability

Product(s) Impacted

Product Versions
Windows Kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30088

Tags

CWE-367
secure@microsoft.com
2024-06-11
CVE-2024-30088

CVSS Score

7.0 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: HIGH
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: June 11, 2024, 5:15 p.m.
Last Modified: June 11, 2024, 5:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

secure@microsoft.com

Relations

Here is the list of observables linked to the vulnerability CVE-2024-30088 using threat intelligence.

  • OilRig
  • Earth Simnavaz
  • STEALHOOK
  • Helminth - S0170
  • QUADAGENT - S0269

Linked Attack Reports

Advanced Cyberattacks Against UAE and Gulf Regions

Earth Simnavaz, also known as APT34 and OilRig, has been actively targeting governmental entities in the UAE and Gulf region. The group employs sophisticated tactics, including a backdoor that exploits Microsoft Exchange servers for credential theft and the use of CVE-2024-30088 for privilege escal…
cyber espionage
credential theft
oilrig
CVE-2024-30088
privilege escalation
microsoft exchange
2024-10-14
apt34
stealhook
iis malware
gulf region
uae
Published: October 14, 2024
Linked vulnerabilities : CVE-2024-30088 (CVSS 7.0)
Downloadable IOCs: 17

Unveiling the Tools and Techniques of APT34

OilRig, also known as APT34 and Helix Kitten, is a sophisticated state-sponsored threat actor believed to be aligned with Iranian interests. Active since 2016, the group primarily targets organizations in the Middle East, focusing on sectors such as government, technology, and energy. OilRig employ…
CVE-2024-30088
apt34
stealhook
2024-12-31
helix kitten
quadagent
Published: December 31, 2024
Linked vulnerabilities : CVE-2024-30088 (CVSS 7.0)
Downloadable IOCs: 5

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.