CVE-2024-38193

Aug. 13, 2024, 6:15 p.m.

7.8
High

Description

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Product(s) Impacted

Product Versions
Windows Ancillary Function Driver for WinSock

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-416
Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38193

Tags

CWE-416
secure@microsoft.com
2024-08-13
CVE-2024-38193

CVSS Score

7.8 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: Aug. 13, 2024, 6:15 p.m.
Last Modified: Aug. 13, 2024, 6:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

secure@microsoft.com

Relations

Here is the list of observables linked to the vulnerability CVE-2024-38193 using threat intelligence.

  • Citrine Sleet
  • Kaolin

Linked Attack Reports

North Korean threat actor Citrine Sleet exploiting Chromium zero-day

Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium, now identified as CVE-2024-7971, to gain remote code execution (RCE). Microsoft assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat ac…
fudmodule
CVE-2024-7971
2024-09-02
diamond sleet
citrine sleet
hidden cobra
Published: September 2, 2024
Linked vulnerabilities : CVE-2024-4947, CVE-2024-5274, CVE-2024-38106 (CVSS 7.0), CVE-2024-38193 (CVSS 7.8), CVE-2024-7971 (CVSS 8.8), CVE-2023-42793, CVE-2024-21338
Downloadable IOCs: 2

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.