PT-2024-6253 · Microsoft · Windows 11+2
Published
2024-09-10
·
Updated
2024-09-20
·
CVE-2024-38257
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows 10 versions 1607 through 10.0.14393.7336
Microsoft Windows 10 versions 1809 through 10.0.17763.6293
Microsoft Windows 10 versions 21h1 through 10.0.19044.4894
Microsoft Windows 10 versions 22h2 through 10.0.19041.4894 and 10.0.19045.4894
Microsoft Windows 11 versions 21h2 through 10.0.22000.3197
Description
The vulnerability is related to the use of an uninitialized resource in the AllJoyn API technology in the Windows operating system. Exploitation of this issue may allow a remote attacker to disclose protected information. The vulnerability allows attackers to obtain sensitive information and affect the system.
Recommendations
For Microsoft Windows 10 version 1607, update to a version later than 10.0.14393.7336.
For Microsoft Windows 10 version 1809, update to a version later than 10.0.17763.6293.
For Microsoft Windows 10 version 21h1, update to a version later than 10.0.19044.4894.
For Microsoft Windows 10 version 22h2, update to a version later than 10.0.19041.4894 and 10.0.19045.4894.
For Microsoft Windows 11 version 21h2, update to a version later than 10.0.22000.3197.
Fix
Use of Uninitialized Resource
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 10
Windows 11