CVE-2024-26170

Published Mar 12, 2024

Last updated 4 months ago

CVSS high 7.8
Windows
CimFS

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2024-26170 is an elevation of privilege vulnerability affecting the Windows Composite Image File System (CimFS). It stems from a flaw in how CimFS handles certain image files. Successful exploitation of this vulnerability could allow an attacker to gain elevated system privileges.

Description
Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-20
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

Configurations