cve-2024-38202
Vulnerability from cvelistv5
Published
2024-08-08 01:59
Modified
2024-09-17 23:33
Severity
Summary
Windows Update Stack Elevation of Privilege Vulnerability
References
| Source | URL | Tags |
|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202 | Patch, Vendor Advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38202",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T03:55:42.933240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T12:37:35.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2024-08-07T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Summary\nMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.\nMicrosoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.\nThis CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.\nDetails\nA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.\nMicrosoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now \u2013 Microsoft Security Response Center.\nMicrosoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.\nRecommended Actions\nThe following recommendations do not mitigate the... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T23:33:44.546Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Update Stack Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202"
}
],
"title": "Windows Update Stack Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38202",
"datePublished": "2024-08-08T01:59:34.177Z",
"dateReserved": "2024-06-11T22:36:08.221Z",
"dateUpdated": "2024-09-17T23:33:44.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-38202\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2024-08-08T02:15:38.180\",\"lastModified\":\"2024-09-18T00:15:06.253\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Summary\\nMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.\\nMicrosoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.\\nThis CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.\\nDetails\\nA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.\\nMicrosoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now \u2013 Microsoft Security Response Center.\\nMicrosoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.\\nRecommended Actions\\nThe following recommendations do not mitigate the... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202\"},{\"lang\":\"es\",\"value\":\"Resumen: Se notific\u00f3 a Microsoft que existe una vulnerabilidad de elevaci\u00f3n de privilegios en Copias de seguridad de Windows, lo que podr\u00eda permitir que un atacante con privilegios de usuario b\u00e1sicos reintroduzca vulnerabilidades previamente mitigadas o eluda algunas caracter\u00edsticas de Seguridad basada en virtualizaci\u00f3n (VBS). Sin embargo, un atacante que intente aprovechar esta vulnerabilidad requiere interacci\u00f3n adicional por parte de un usuario privilegiado para tener \u00e9xito. Microsoft est\u00e1 desarrollando una actualizaci\u00f3n de seguridad para mitigar esta amenaza, pero a\u00fan no est\u00e1 disponible. En la secci\u00f3n acciones recomendadas de este CVE se proporciona orientaci\u00f3n para ayudar a los clientes a reducir los riesgos asociados con esta vulnerabilidad y proteger sus sistemas hasta que la mitigaci\u00f3n est\u00e9 disponible en una actualizaci\u00f3n de seguridad de Windows. Este CVE se actualizar\u00e1 y se notificar\u00e1 a los clientes cuando la mitigaci\u00f3n oficial est\u00e9 disponible en una actualizaci\u00f3n de seguridad de Windows. Recomendamos encarecidamente a los clientes que se suscriban a las notificaciones de la Gu\u00eda de actualizaci\u00f3n de seguridad para recibir una alerta cuando se produzca esta actualizaci\u00f3n. Detalles Un investigador de seguridad inform\u00f3 a Microsoft sobre una vulnerabilidad de elevaci\u00f3n de privilegios en Windows Backup que podr\u00eda permitir a un atacante con privilegios de usuario b\u00e1sicos reintroducir vulnerabilidades previamente mitigadas o eludir algunas caracter\u00edsticas de VBS. Para que la explotaci\u00f3n tenga \u00e9xito, un atacante debe enga\u00f1ar o convencer a un administrador o usuario con permisos delegados para que realice una restauraci\u00f3n del sistema, lo que inadvertidamente desencadena la vulnerabilidad. Microsoft est\u00e1 desarrollando una actualizaci\u00f3n de seguridad que mitigar\u00e1 esta vulnerabilidad, pero a\u00fan no est\u00e1 disponible. Este CVE se actualizar\u00e1 con nueva informaci\u00f3n y enlaces a las actualizaciones de seguridad una vez que est\u00e9n disponibles. Recomendamos encarecidamente a los clientes que se suscriban a las notificaciones de la Gu\u00eda de actualizaciones de seguridad para recibir alertas sobre las actualizaciones. Consulte la Gu\u00eda de actualizaciones de seguridad y notificaciones t\u00e9cnicas de seguridad de Microsoft. Noticias del sistema de notificaciones: cree su perfil ahora: Centro de respuestas de seguridad de Microsoft. Microsoft no tiene conocimiento de ning\u00fan intento de aprovechar esta vulnerabilidad. Sin embargo, el 7 de agosto de 2024 se realiz\u00f3 una presentaci\u00f3n p\u00fablica sobre esta vulnerabilidad en BlackHat. La presentaci\u00f3n se coordin\u00f3 adecuadamente con Microsoft, pero puede cambiar el panorama de amenazas. Los clientes preocupados por estos riesgos deben consultar la gu\u00eda proporcionada en la secci\u00f3n Acciones recomendadas para proteger sus sistemas. Acciones recomendadas Las siguientes recomendaciones no mitigan la vulnerabilidad, pero pueden usarse para reducir el riesgo de explotaci\u00f3n hasta que la actualizaci\u00f3n de seguridad est\u00e9 disponible. Audite a los usuarios con permiso para realizar operaciones de copia de seguridad y restauraci\u00f3n para garantizar que solo los usuarios adecuados puedan realizar estas operaciones. Auditor\u00eda: Audite el uso del privilegio de Copia de seguridad y restauraci\u00f3n (Windows 10) - Windows 10 | Microsoft Learn Implemente una lista de control de acceso o listas de control de acceso discrecionales para restringir el acceso o la modificaci\u00f3n de los archivos de copia de seguridad y realizar operaciones de restauraci\u00f3n para los usuarios adecuados, por ejemplo, solo administradores. Descripci\u00f3n general del control de acceso | Listas de control de acceso discrecional (DACL) de Microsoft Learn La auditor\u00eda de los privilegios confidenciales utilizados para identificar el acceso, la modificaci\u00f3n o el reemplazo de archivos relacionados con la copia de seguridad podr\u00eda ayudar a indicar intentos de aprovechar esta vulnerabilidad. Auditar el uso de privilegios confidenciales - Windows 10 | Microsoft aprende\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]},{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61019899-D7AF-46E4-A72C-D189180F66AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E332666-2E03-468E-BC30-299816D6E8ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F513002-D8C1-4D3A-9F79-4B52498F67E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D8DC08D-A860-493A-8AA6-1AD4A0A511AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB4AE761-6FAC-4000-A63D-42CE3FAB8412\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4793BFB-2E4E-4067-87A5-4B8749025CA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42D329B2-432D-4029-87EB-4C3C5F55CD95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75CCACE6-A0EE-4A6F-BD5A-7AA504B02717\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading...