CVE-2024-21305
Published Jan 9, 2024
Last updated 5 months ago
Overview
- Description
- Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
#exploit 1. CVE-2024-46538: PfSense Stored XSS lead to RCE https://t.co/vUesdOWtWH 2. CVE-2024-8353: GiveWP PHP Object Injection https://t.co/vP0hdnetFt 3. CVE-2024-21305: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability https://t.co/D94i5ipdWw
@akaclandestine
Oct 25, 2024 9:26 AM
1403 Impressions
16 Retweets
18 Likes
9 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-46538: PfSense Stored XSS lead to RCE https://t.co/8dNiDgVadB 2. CVE-2024-8353: GiveWP PHP Object Injection https://t.co/FuDSBkSp7w 3. CVE-2024-21305: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability https://t.co/mTbo11WGyQ
@ksg93rd
Oct 24, 2024 5:31 PM
312 Impressions
3 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.4
- Impact score
- 3.6
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- secure@microsoft.com
- CWE-732
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB2C6F0A-4519-43AE-A36D-39F968FF3DCD",
"versionEndExcluding": "10.0.17763.5329"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26D9519C-EC1F-48D1-89F5-2DCBF84C8251",
"versionEndExcluding": "10.0.19044.3930"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9B6C6A0-6A10-4A8B-9DF2-D00CE5F863BD",
"versionEndExcluding": "10.0.19045.3930"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "290AE500-245E-4C97-953C-05D679164894",
"versionEndExcluding": "10.0.22000.2713"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8145E3A1-AA48-49CD-A391-8BA9F3860316",
"versionEndExcluding": "10.0.22621.3007"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04D7A1EA-2E86-4600-A7B8-DAA5ACABE8D0",
"versionEndExcluding": "10.0.22631.3007"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51DCD313-6848-46DD-B4C6-DA2A8F6291CD",
"versionEndExcluding": "10.0.17763.5329"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13224366-AD63-4CAD-85D1-F9599CFE1B14",
"versionEndExcluding": "10.0.20348.2227"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B57577F-8313-4AFF-9E30-0C928D87C4AF",
"versionEndExcluding": "10.0.25398.643"
}
],
"operator": "OR"
}
]
}
]