virus logo Intrusion Prevention

MS.Windows.Win32k.CVE-2024-21346.Privilege.Elevation

description-logoDescription

This indicates an attack attempt to exploit an Elevation Of Privilege Vulnerability in Microsoft Windows Win32K kernel driver.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted file. Successful exploitation could result in elevation of privilege within the context of the vulnerable system.

affected-products-logoAffected Products

Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)

Impact logoImpact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21346

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-07-15 28.826
Modified
 Name:MS.
Windows.
Win32k.
CVE-2024-21346.
Elevation.
of.
Privilege:MS.
Windows.
Win32k.
CVE-2024-21346.
Privilege.
Elevation
2024-02-21 26.737
Modified
 Default_action:pass:drop
2024-02-13 26.732
New

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21346
ID 54620
Created Feb 13, 2024
Updated Jul 11, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 3.49%
Default Action drop
Active
Affected OS Windows
Affected App Other
Profile Type Permission/Privilege/Access Control