PT-2024-5650 · Microsoft · Windows Server+2
Ezrakiez
·
Published
2024-08-13
·
Updated
2024-09-05
·
CVE-2024-38215
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Windows Cloud Files Mini Filter Driver (affected versions not specified)
Windows Server versions up to Server 2022 23H2
Description
The issue is related to an elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver. It is associated with an integer overflow. Exploitation of this issue may allow an attacker to elevate their privileges. The vulnerability allows attackers to impact the system.
Recommendations
For Windows Cloud Files Mini Filter Driver, consider disabling the vulnerable driver until a patch is available.
For Windows Server versions up to Server 2022 23H2, restrict access to the Cloud Files Mini Filter Driver to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Cloud Files Mini Filter Driver
Windows Server