PT-2024-4270 · Microsoft · Windows+1

Chompie1337

Published

2024-06-11

Updated

2025-12-14

CVE-2024-30089

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Streaming Service (affected versions not specified) Windows (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the Microsoft Streaming Service of Windows operating systems, which can allow an attacker to elevate their privileges. This vulnerability can be exploited locally.

Recommendations For Microsoft Streaming Service, consider restricting access to the service until a patch is available. For Windows, apply the recommended security updates as soon as they are available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2024-04757

CVE-2024-30089

ZDI-24-607

Affected Products

Streaming Service

Windows

PT-2024-4270 · Microsoft · Windows+1

CVE-2024-30089

Weakness Enumeration

Related Identifiers

Affected Products

References · 10