Multiple vulnerabilities in Microsoft Secure Boot
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 24 |
| CVE-ID | CVE-2024-28922 CVE-2024-20669 CVE-2024-29062 CVE-2024-26189 CVE-2024-28898 CVE-2024-28919 CVE-2024-20688 CVE-2024-28921 CVE-2024-26250 CVE-2024-28924 CVE-2024-26175 CVE-2024-26171 CVE-2024-26168 CVE-2024-28897 CVE-2024-28903 CVE-2024-26240 CVE-2024-29061 CVE-2024-28920 CVE-2024-20689 CVE-2024-28896 CVE-2024-28925 CVE-2024-28923 CVE-2024-26194 CVE-2024-26180 |
| CWE-ID | CWE-284 CWE-693 CWE-367 CWE-20 CWE-121 CWE-125 CWE-190 CWE-122 CWE-347 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 24 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU88391
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28922
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in Secure Boot. An authenticated attacker with physical access can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28922
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Protection Mechanism Failure
EUVDB-ID: #VU88417
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20669
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures in Secure Boot. A local administrator can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20669
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Time-of-check Time-of-use (TOCTOU) Race Condition
EUVDB-ID: #VU88416
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-29062
CWE-ID:
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a time-of-check, time-of-use (TOCTOU) race condition in Secure Boot. A remote attacker on the local network can cause a race condition and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29062
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU88415
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26189
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input in Secure Boot. A remote attacker on the local network can pass specially crafted input to the application and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26189
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Stack-based buffer overflow
EUVDB-ID: #VU88414
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28898
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A remote administrator on the local network can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28898
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Protection Mechanism Failure
EUVDB-ID: #VU88413
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28919
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures in Secure Boot. A local administrator can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28919
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Stack-based buffer overflow
EUVDB-ID: #VU88412
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20688
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A remote unauthenticated attacker on the local network can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20688
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Protection Mechanism Failure
EUVDB-ID: #VU88411
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28921
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local administrator can compromise the target system.
The vulnerability exists due to insufficient implementation of security measures in Secure Boot. A local administrator can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28921
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Protection Mechanism Failure
EUVDB-ID: #VU88410
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26250
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures in Secure Boot. A local administrator can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26250
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Stack-based buffer overflow
EUVDB-ID: #VU88409
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28924
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A local administrator can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28924
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds read
EUVDB-ID: #VU88408
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26175
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to a boundary condition in Secure Boot. A local user can trigger an out-of-bounds read error and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26175
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Integer overflow
EUVDB-ID: #VU88405
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26171
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to integer overflow in Secure Boot. A local administrator can pass specially crafted data to the application, trigger integer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26171
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Heap-based buffer overflow
EUVDB-ID: #VU88404
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26168
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Secure Boot. An attacker with physical access can pass specially crafted data to the application, trigger a heap-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 R2 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26168
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Input validation error
EUVDB-ID: #VU88403
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28897
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input in Secure Boot. A remote administrator on the local network can pass specially crafted input to the application and bypass Secure Boot
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28897
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Protection Mechanism Failure
EUVDB-ID: #VU88402
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28903
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures in Secure Boot. A local administrator can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28903
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Input validation error
EUVDB-ID: #VU88401
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26240
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromsie the target system.
The vulnerability exists due to insufficient validation of user-supplied input in Secure Boot. A remote attacker on the local network can pass specially crafted input to the application and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2008 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Stack-based buffer overflow
EUVDB-ID: #VU88400
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-29061
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A local user can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29061
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Protection Mechanism Failure
EUVDB-ID: #VU88399
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28920
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures in Secure Boot. A local user can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2019 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28920
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Stack-based buffer overflow
EUVDB-ID: #VU88398
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20689
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A remote unauthenticated attacker on the local network can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20689
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Heap-based buffer overflow
EUVDB-ID: #VU88397
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28896
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A remote attacker on the local network can pass specially crafted data to the application, trigger a heap-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28896
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Stack-based buffer overflow
EUVDB-ID: #VU88396
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28925
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error Secure Boot. A remote attacker on the local network can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2008 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28925
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Integer overflow
EUVDB-ID: #VU88395
Risk: Low
CVSSv3.1: 5.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28923
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to integer overflow in Secure Boot. A local adminisrator can pass specially crafted data to the application, trigger integer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28923
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU88393
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26194
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to improper verification of cryptographic signature in Secure Boot. A local attacker can bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2008 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26194
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Stack-based buffer overflow
EUVDB-ID: #VU88392
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26180
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error in Secure Boot. A remote unauthenticated attacker on the local network can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 - 11 23H2
Windows Server: 2012 - 2022 23H2
External linkshttp://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26180
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
