August 2024 Microsoft Patch Tuesday: Addressing 87 Vulnerabilities Including 6 Weaponised Threats
For August 2024, Microsoft’s Patch Tuesday is substantial, addressing 87 vulnerabilities. Notably, several of these vulnerabilities have been weaponized, with some carrying a critical CVSS score of 9.8. The update includes 7 critical patches, 79 important fixes, and one moderate update, covering products such as Windows, Windows Components, Office, Azure, Visual Studio, and the Kernel.
Robert Brown, Head of Customer Success at Syxsense, underscores the need for strategic prioritization in vulnerability management. He draws attention to the presence of threats that could potentially serve as Jump Points, urging organizations to maintain heightened vigilance. With a combined CVSS score of 667.6 for August and an average score of 7.7—only slightly lower than the previous month—the critical nature of these vulnerabilities demands focused and careful remediation efforts.
Based on Vendor Severity and CVSS Scores, we recommend integrating the provided CVE numbers into your Patch Management solution. Once thorough testing is complete, deployment should proceed without delay.
- CVE-2024-38189 – Microsoft Project Remote Code Execution Vulnerability
An attacker could exploit this vulnerability by crafting a malicious Microsoft Office Project file and delivering it to a victim through various means. The exploitation hinges on the victim opening the file under certain insecure conditions. Specifically, if the system has the “Block macros from running in Office files from the Internet” policy disabled and VBA Macro Notification Settings are not enabled, the malicious file could execute harmful code, leading to remote code execution.
Attack Scenarios:
- Email-Based Attack:
- The attacker could send the malicious file as an email attachment. The success of the attack would depend on the victim being convinced to open the file, which would trigger the exploit if the security settings mentioned above are not properly configured.
- Web-Based Attack:
- The attacker could host the malicious file on a website, possibly leveraging a compromised site that allows user-uploaded content. They would then entice the victim to visit the site via a link provided through an email, instant message, or other communication channels. Upon visiting the site and opening the file, the exploit would be triggered.
In both scenarios, user interaction is required, but the attack complexity remains low. The attacker relies on social engineering techniques to persuade the victim to open the malicious file.
Syxscore:
- Vendor Severity: Important
- CVSS: 8.8
- Weaponised: Yes
- Public Awareness: No
- Countermeasure: Yes
Risk Factors:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope / Jump Point: Unchanged / No
Summary: CVE-2024-38189 represents a significant risk, particularly if organizational security policies are not enforced. It underscores the importance of ensuring that macros are blocked from running in Office files from the internet and that users are notified of any VBA macros. The combination of a high CVSS score and the fact that this vulnerability has been weaponized makes it a priority for mitigation efforts.
- CVE-2024-38178 – Scripting Engine Memory Corruption Vulnerability
This vulnerability involves a memory corruption issue in the scripting engine, specifically impacting the Microsoft Edge browser. For an attacker to exploit this vulnerability, the attack requires user interaction: an authenticated user must click on a malicious link. Once clicked, the unauthenticated attacker can initiate remote code execution on the victim’s machine. Despite the necessity for user interaction, the threat is significant due to its potential to execute arbitrary code remotely.
Syxscore:
- Vendor Severity: Important
- CVSS: 7.5
- Weaponised: Yes
- Public Awareness: No
- Countermeasure: Maybe
Risk Factors:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope / Jump Point: Unchanged / No
Summary: CVE-2024-38178 presents a notable risk, particularly in environments where users may be prone to clicking on links without caution. The requirement for user interaction, combined with the high attack complexity, slightly mitigates the risk. However, given that the vulnerability is weaponized and can lead to remote code execution in the Microsoft Edge browser, it should not be underestimated. Organizations should consider reinforcing user training on phishing and malicious links while monitoring for updates or patches that address this vulnerability.
- CVE-2024-38199 – Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
CVE-2024-38199 is a critical vulnerability in the Windows Line Printer Daemon (LPD) service, allowing an unauthenticated attacker to achieve remote code execution. The attack involves sending a specially crafted print task to a vulnerable LPD service on a networked server. Due to the nature of the vulnerability, no user interaction or elevated privileges are required, making it highly exploitable in environments where the LPD service is exposed.
Syxscore:
- Vendor Severity: Important
- CVSS: 9.9
- Weaponised: No
- Public Awareness: Yes
- Countermeasure: Maybe
Risk Factors:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope / Jump Point: Unchanged / No
Summary: CVE-2024-38199 poses a severe threat due to its potential for remote code execution with minimal effort. The low attack complexity, combined with the fact that it does not require user interaction or privileges, makes it a high-priority vulnerability, especially in environments where the LPD service is in use. Although this vulnerability is not weaponized yet, the public awareness increases the risk of exploitation. Organizations should prioritize applying any available patches or disabling the LPD service if it is not essential, to mitigate the risk of an attack.
| Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Additional Information | Impact | Exploitability Assessment |
| CVE-2024-38189 | Microsoft Project Remote Code Execution Vulnerability | Important | 8.8 | Yes | No | Remote Code Execution | Exploitation Detected | |
| CVE-2024-38107 | Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Detected |
| CVE-2024-38193 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Detected |
| CVE-2024-38178 | Scripting Engine Memory Corruption Vulnerability | Important | 7.5 | Yes | No | Remote Code Execution | Exploitation Detected | |
| CVE-2024-38106 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.0 | Yes | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Detected |
| CVE-2024-38213 | Windows Mark of the Web Security Feature Bypass Vulnerability | Moderate | 6.5 | Yes | No | An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience. | Security Feature Bypass | Exploitation Detected |
| CVE-2024-38199 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Important | 9.8 | No | Yes | Mitigations: The LPD is not installed or enabled on the systems by default. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38200 | Microsoft Office Spoofing Vulnerability | Important | 7.5 | No | Yes | Configuring the Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers policy setting provides the ability to allow, block, or audit outgoing NTLM traffic from a computer running Windows Server 2008, Windows Server 2008 R2, or later to any remote server running the Windows operating system. Performing this mitigation allows you to block or audit all attempts to connect to remote servers through NTLM authentication. Please note: Modifying this policy setting may affect compatibility with client computers, services, and applications. | Spoofing | Exploitation Less Likely |
| CVE-2024-38202 | Windows Update Stack Elevation of Privilege Vulnerability | Important | 7.3 | No | Yes | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-21302 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Important | 6.7 | No | Yes | Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38063 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.8 | No | No | Systems are not affected if IPv6 is disabled on the target machine. IPv6 is usually enabled by default on modern devices and operating systems. | Remote Code Execution | Exploitation More Likely |
| CVE-2024-38140 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | This vulnerability is only exploitable only if there is a program listening on a Pragmatic General Multicast (PGM) port. If PGM is installed or enabled but no programs are actively listening as a receiver, then this vulnerability is not exploitable. An unauthenticated attacker could exploit the vulnerability by sending specially crafted packets to a Windows Pragmatic General Multicast (PGM) open socket on the server, without any interaction from the user. |
Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38108 | Azure Stack Hub Spoofing Vulnerability | Important | 9.3 | No | No | Scope = Changed, Jump Point = True By sending a specially crafted request to the vulnerable virtual public IP address, the attacker is able to load malicious code into a victim’s browser without having any direct access or connection. |
Spoofing | Exploitation Less Likely |
| CVE-2024-38109 | Azure Health Bot Elevation of Privilege Vulnerability | Critical | 9.1 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-38159 | Windows Network Virtualization Remote Code Execution Vulnerability | Critical | 9.1 | No | No | Scope = Changed, Jump Point = True This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content. |
Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38160 | Windows Network Virtualization Remote Code Execution Vulnerability | Critical | 9.1 | No | No | Scope = Changed, Jump Point = True This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content. |
Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38114 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38115 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38116 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38120 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38121 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38128 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 8.8 | No | No | An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user’s system. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38130 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 8.8 | No | No | An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user’s system. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38131 | Clipboard Virtual Channel Extension Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38144 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important | 8.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38154 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38180 | SmartScreen Prompt Remote Code Execution Vulnerability | Important | 8.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38206 | Microsoft Copilot Studio Information Disclosure Vulnerability | Critical | 8.5 | No | No | Scope = Changed, Jump Point = True | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38166 | Microsoft Dynamics 365 Cross-site Scripting Vulnerability | Critical | 8.2 | No | No | Scope = Changed, Jump Point = True | Spoofing | Exploitation Less Likely |
| CVE-2024-38211 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | 8.2 | No | No | Scope = Changed, Jump Point = True The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine. |
Spoofing | Exploitation Less Likely |
| CVE-2024-29995 | Windows Kerberos Elevation of Privilege Vulnerability | Important | 8.1 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38084 | Microsoft OfficePlus Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38098 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Unlikely |
| CVE-2024-38117 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38125 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38127 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38133 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38134 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38135 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38141 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38142 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38147 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation More Likely | |
| CVE-2024-38150 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38152 | Windows OLE Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38153 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38162 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-38163 | Windows Update Stack Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38169 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | The Preview Pane is not an attack vector. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38171 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important | 7.8 | No | No | The Preview Pane is an attack vector. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38172 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | The Preview Pane is not an attack vector. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38177 | Windows App Installer Spoofing Vulnerability | Important | 7.8 | No | No | Spoofing | Exploitation Less Likely | |
| CVE-2024-38184 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-38185 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38186 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38187 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38191 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38195 | Azure CycleCloud Remote Code Execution Vulnerability | Important | 7.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38196 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38215 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-37968 | Windows DNS Spoofing Vulnerability | Important | 7.5 | No | No | Spoofing | Exploitation Less Likely | |
| CVE-2024-38126 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | |
| CVE-2024-38132 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | |
| CVE-2024-38138 | Windows Deployment Services Remote Code Execution Vulnerability | Important | 7.5 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38145 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | |
| CVE-2024-38146 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | |
| CVE-2024-38148 | Windows Secure Channel Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation More Likely | |
| CVE-2024-38168 | .NET and Visual Studio Denial of Service Vulnerability | Important | 7.5 | No | No | Denial of Service | Exploitation Less Likely | |
| CVE-2024-38198 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.5 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation More Likely |
| CVE-2024-38170 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.1 | No | No | The Preview Pane is not an attack vector. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38136 | Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | Important | 7.0 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38137 | Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | Important | 7.0 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38157 | Azure IoT SDK Remote Code Execution Vulnerability | Important | 7.0 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38158 | Azure IoT SDK Remote Code Execution Vulnerability | Important | 7.0 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38201 | Azure Stack Hub Elevation of Privilege Vulnerability | Important | 7.0 | No | No | Elevation of Privilege | Exploitation Less Likely | |
| CVE-2024-38161 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important | 6.8 | No | No | Remote Code Execution | Exploitation Less Likely | |
| CVE-2024-38223 | Windows Initial Machine Configuration Elevation of Privilege Vulnerability | Important | 6.8 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
| CVE-2024-38173 | Microsoft Outlook Remote Code Execution Vulnerability | Important | 6.7 | No | No | The Preview Pane is an attack vector. | Remote Code Execution | Exploitation Less Likely |
| CVE-2024-38165 | Windows Compressed Folder Tampering Vulnerability | Important | 6.5 | No | No | Tampering | Exploitation Less Likely | |
| CVE-2024-38167 | .NET and Visual Studio Information Disclosure Vulnerability | Important | 6.5 | No | No | An attacker who successfully exploited the vulnerability could read targeted email messages. | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38197 | Microsoft Teams for iOS Spoofing Vulnerability | Important | 6.5 | No | No | Spoofing | Exploitation Less Likely | |
| CVE-2024-38214 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important | 6.5 | No | No | Information Disclosure | Exploitation Less Likely | |
| CVE-2024-38118 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | Important | 5.5 | No | No | An attacker who successfully exploited this vulnerability could potentially read small portions of stack memory. | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38122 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | Important | 5.5 | No | No | An attacker who successfully exploited this vulnerability could potentially read small portions of stack memory. | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38151 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a small amount of kernel memory which could be leaked back to the attacker. | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38155 | Security Center Broker Information Disclosure Vulnerability | Important | 5.5 | No | No | An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38123 | Windows Bluetooth Driver Information Disclosure Vulnerability | Important | 4.4 | No | No | Exploiting this vulnerability could allow the disclosure of certain kernel memory content. | Information Disclosure | Exploitation Less Likely |
| CVE-2024-38143 | Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | Important | 4.2 | No | No | An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. | Elevation of Privilege | Exploitation Less Likely |
Do you need help keeping up patches? Syxsense’s automated patch management capabilities helps enterprises patch faster and more accurately. Schedule a consultation with us to learn how we can help you.
