cve-2024-43636
Vulnerability from cvelistv5
Published
2024-11-12 17:54
Modified
2025-01-30 00:10
Severity ?
EPSS score ?
Summary
Win32k Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43636 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.6532 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-43636", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-14T04:55:24.390671Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-09T16:35:07.154Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.6532", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.6532", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.6532", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2022", vendor: "Microsoft", versions: [ { lessThan: "10.0.20348.2849", status: "affected", version: "10.0.20348.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems", ], product: "Windows 10 Version 21H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19044.5131", status: "affected", version: "10.0.19043.0", versionType: "custom", }, ], }, { platforms: [ "ARM64-based Systems", "x64-based Systems", ], product: "Windows 11 version 22H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.22621.4460", status: "affected", version: "10.0.22621.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems", ], product: "Windows 10 Version 22H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19045.5131", status: "affected", version: "10.0.19045.0", versionType: "custom", }, ], }, { platforms: [ "ARM64-based Systems", ], product: "Windows 11 version 22H3", vendor: "Microsoft", versions: [ { lessThan: "10.0.22631.4460", status: "affected", version: "10.0.22631.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows 11 Version 23H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.22631.4460", status: "affected", version: "10.0.22631.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2022, 23H2 Edition (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.25398.1251", status: "affected", version: "10.0.25398.0", versionType: "custom", }, ], }, { platforms: [ "ARM64-based Systems", "x64-based Systems", ], product: "Windows 11 Version 24H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.26100.2314", status: "affected", version: "10.0.26100.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1507", vendor: "Microsoft", versions: [ { lessThan: "10.0.10240.20826", status: "affected", version: "10.0.10240.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1607", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.7515", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.7515", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.7515", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2", vendor: "Microsoft", versions: [ { lessThan: "6.3.9600.22267", status: "affected", version: "6.3.9600.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.3.9600.22267", status: "affected", version: "6.3.9600.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2025", vendor: "Microsoft", versions: [ { lessThan: "10.0.26100.2314", status: "affected", version: "10.0.26100.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2025 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.26100.2314", status: "affected", version: "10.0.26100.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.17763.6532", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.6532", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.6532", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.20348.2849", versionStartIncluding: "10.0.20348.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.19044.5131", versionStartIncluding: "10.0.19043.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*", versionEndExcluding: "10.0.22621.4460", versionStartIncluding: "10.0.22621.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", versionEndExcluding: "10.0.19045.5131", versionStartIncluding: "10.0.19045.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", versionEndExcluding: "10.0.22631.4460", versionStartIncluding: "10.0.22631.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", versionEndExcluding: "10.0.22631.4460", versionStartIncluding: "10.0.22631.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.25398.1251", versionStartIncluding: "10.0.25398.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", versionEndExcluding: "10.0.26100.2314", versionStartIncluding: "10.0.26100.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.10240.20826", versionStartIncluding: "10.0.10240.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.14393.7515", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.7515", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.7515", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.3.9600.22267", versionStartIncluding: "6.3.9600.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.3.9600.22267", versionStartIncluding: "6.3.9600.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.26100.2314", versionStartIncluding: "10.0.26100.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.26100.2314", versionStartIncluding: "10.0.26100.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2024-11-12T08:00:00.000Z", descriptions: [ { lang: "en-US", value: "Win32k Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-822", description: "CWE-822: Untrusted Pointer Dereference", lang: "en-US", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-30T00:10:08.697Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Win32k Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43636", }, ], title: "Win32k Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2024-43636", datePublished: "2024-11-12T17:54:04.026Z", dateReserved: "2024-08-14T01:08:33.556Z", dateUpdated: "2025-01-30T00:10:08.697Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.10240.20826\", \"matchCriteriaId\": \"94D57126-EC8D-4898-A5FE-D7EB6463B634\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.10240.20826\", \"matchCriteriaId\": \"54AA8A1F-0EAD-406A-A4AF-B86C316D1089\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.14393.7515\", \"matchCriteriaId\": \"86F8F1B2-C206-4CD6-83C6-C450329CEE10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.14393.7515\", \"matchCriteriaId\": \"FCBE6103-075E-4841-836D-4E0D630E99FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.17763.6532\", \"matchCriteriaId\": \"81C732A1-CC0F-4633-B00D-473869E77DB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.17763.6532\", \"matchCriteriaId\": \"AF9C20B8-CB5E-46C9-B041-D6A42C26703B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*\", \"versionEndExcluding\": \"10.0.19044.5131\", \"matchCriteriaId\": \"71AD0B79-C3EF-4E13-AB04-D5FAEABA6954\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.19044.5131\", \"matchCriteriaId\": \"B35413A3-DE3B-4E35-AB48-C6D5D138AC07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.19044.5131\", \"matchCriteriaId\": \"D0558F5F-A561-41E9-9242-7F4A5D924479\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*\", \"versionEndExcluding\": \"10.0.19045.5131\", \"matchCriteriaId\": \"EA243DE7-EDB1-43DA-AD7E-541843DECB58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.19045.5131\", \"matchCriteriaId\": \"5D428E06-FC7C-4151-9582-D66D05D7AFE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.19045.5131\", \"matchCriteriaId\": \"FB49C811-F4D7-46EB-9ED6-50CB3EAAAD90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*\", \"versionEndExcluding\": \"10.0.22621.4460\", \"matchCriteriaId\": \"04BC0915-6F14-4D7A-951F-83CBAB47C3C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.22621.4460\", \"matchCriteriaId\": \"8A16CFCB-D002-4F63-B568-9D14ACE88E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*\", \"versionEndExcluding\": \"10.0.22631.4460\", \"matchCriteriaId\": \"B8FE14E5-7226-43CA-A57E-A81636185AD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.22631.4460\", \"matchCriteriaId\": \"97507261-3969-4EBF-BCED-93FBADCBB6DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*\", \"versionEndExcluding\": \"10.0.26100.2314\", \"matchCriteriaId\": \"D32C04CA-E5BE-47CA-AF79-B39859288531\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.26100.2314\", \"matchCriteriaId\": \"40A6B92E-21C6-4BDD-BA57-DC227FF0F998\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.14393.7515\", \"matchCriteriaId\": \"82E3AC46-9D0D-4381-93EE-FE87C212040A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.17763.6532\", \"matchCriteriaId\": \"A43E1F6C-B2A7-4DEC-B4EC-04153746C42B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.20348.2849\", \"matchCriteriaId\": \"38D9CE84-B85F-42B0-959D-A390427A1641\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.25398.1251\", \"matchCriteriaId\": \"A549BD98-3DE2-4EF3-A579-12AFCB764975\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.26100.2314\", \"matchCriteriaId\": \"4F17FD7F-254D-4EE6-9D22-468E76D9B054\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Win32k Elevation of Privilege Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de elevaci\\u00f3n de privilegios en Win32k\"}]", id: "CVE-2024-43636", lastModified: "2024-11-18T22:21:28.470", metrics: "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}", published: "2024-11-12T18:15:32.537", references: "[{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43636\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]", sourceIdentifier: "secure@microsoft.com", vulnStatus: "Analyzed", weaknesses: "[{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-822\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-43636\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2024-11-12T18:15:32.537\",\"lastModified\":\"2024-11-18T22:21:28.470\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Win32k Elevation of Privilege Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de elevación de privilegios en Win32k\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-822\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.10240.20826\",\"matchCriteriaId\":\"94D57126-EC8D-4898-A5FE-D7EB6463B634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.10240.20826\",\"matchCriteriaId\":\"54AA8A1F-0EAD-406A-A4AF-B86C316D1089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.7515\",\"matchCriteriaId\":\"86F8F1B2-C206-4CD6-83C6-C450329CEE10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.7515\",\"matchCriteriaId\":\"FCBE6103-075E-4841-836D-4E0D630E99FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.17763.6532\",\"matchCriteriaId\":\"81C732A1-CC0F-4633-B00D-473869E77DB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.17763.6532\",\"matchCriteriaId\":\"AF9C20B8-CB5E-46C9-B041-D6A42C26703B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.19044.5131\",\"matchCriteriaId\":\"71AD0B79-C3EF-4E13-AB04-D5FAEABA6954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.19044.5131\",\"matchCriteriaId\":\"B35413A3-DE3B-4E35-AB48-C6D5D138AC07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.19044.5131\",\"matchCriteriaId\":\"D0558F5F-A561-41E9-9242-7F4A5D924479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.19045.5131\",\"matchCriteriaId\":\"EA243DE7-EDB1-43DA-AD7E-541843DECB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.19045.5131\",\"matchCriteriaId\":\"5D428E06-FC7C-4151-9582-D66D05D7AFE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.19045.5131\",\"matchCriteriaId\":\"FB49C811-F4D7-46EB-9ED6-50CB3EAAAD90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.22621.4460\",\"matchCriteriaId\":\"04BC0915-6F14-4D7A-951F-83CBAB47C3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.22621.4460\",\"matchCriteriaId\":\"8A16CFCB-D002-4F63-B568-9D14ACE88E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.22631.4460\",\"matchCriteriaId\":\"B8FE14E5-7226-43CA-A57E-A81636185AD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.22631.4460\",\"matchCriteriaId\":\"97507261-3969-4EBF-BCED-93FBADCBB6DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.26100.2314\",\"matchCriteriaId\":\"D32C04CA-E5BE-47CA-AF79-B39859288531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.2314\",\"matchCriteriaId\":\"40A6B92E-21C6-4BDD-BA57-DC227FF0F998\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.14393.7515\",\"matchCriteriaId\":\"82E3AC46-9D0D-4381-93EE-FE87C212040A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.6532\",\"matchCriteriaId\":\"A43E1F6C-B2A7-4DEC-B4EC-04153746C42B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.20348.2849\",\"matchCriteriaId\":\"38D9CE84-B85F-42B0-959D-A390427A1641\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.25398.1251\",\"matchCriteriaId\":\"A549BD98-3DE2-4EF3-A579-12AFCB764975\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.26100.2314\",\"matchCriteriaId\":\"4F17FD7F-254D-4EE6-9D22-468E76D9B054\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43636\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43636\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-14T04:55:24.390671Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T16:03:56.689Z\"}}], \"cna\": {\"title\": \"Win32k Elevation of Privilege Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.6532\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.6532\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.6532\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.2849\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19043.0\", \"lessThan\": \"10.0.19044.5131\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22621.0\", \"lessThan\": \"10.0.22621.4460\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.5131\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\", \"ARM64-based Systems\", \"32-bit Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.4460\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.4460\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.1251\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 24H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.2314\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1507\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.10240.0\", \"lessThan\": \"10.0.10240.20826\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1607\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7515\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7515\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.7515\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.22267\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.22267\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.2314\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.2314\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2024-11-12T08:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43636\", \"name\": \"Win32k Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Win32k Elevation of Privilege Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-822\", \"description\": \"CWE-822: Untrusted Pointer Dereference\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.6532\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.6532\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.6532\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.20348.2849\", \"versionStartIncluding\": \"10.0.20348.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19044.5131\", \"versionStartIncluding\": \"10.0.19043.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22621.4460\", \"versionStartIncluding\": \"10.0.22621.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19045.5131\", \"versionStartIncluding\": \"10.0.19045.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.4460\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.4460\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.25398.1251\", \"versionStartIncluding\": \"10.0.25398.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.2314\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.10240.20826\", \"versionStartIncluding\": \"10.0.10240.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.7515\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.7515\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.7515\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.22267\", \"versionStartIncluding\": \"6.3.9600.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.22267\", \"versionStartIncluding\": \"6.3.9600.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.2314\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.2314\", \"versionStartIncluding\": \"10.0.26100.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-01-30T00:10:08.697Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-43636\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-30T00:10:08.697Z\", \"dateReserved\": \"2024-08-14T01:08:33.556Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2024-11-12T17:54:04.026Z\", \"assignerShortName\": \"microsoft\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.