- Description
- Windows Kernel Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
- Exploit added on
- Oct 15, 2024
- Exploit action due
- Nov 5, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
#CyberSecurity #Malware CVE-2024-30088 Under Attack: OilRig Targets Windows Kernel Vulnerability https://t.co/dGSNhbAN6U
@Komodosec
27 Dec 2024
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-30088 Under Attack: OilRig Targets Windows Kernel Vulnerability https://t.co/Y6ggZaHWlx
@Dinosn
25 Dec 2024
2249 Impressions
0 Retweets
11 Likes
7 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-53961 2 - CVE-2024-30085 3 - CVE-2024-56375 4 - CVE-2024-30088 5 - CVE-2024-56337 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
25 Dec 2024
128 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
ハッカー集団OilRig/APT34が、Windowsカーネルのゼロデイ脆弱性を使用しUAE等湾岸諸国の重要インフラ及び政府組織を攻撃。Picus Security社報告。悪用されたCVE-2024-30088は権限昇格。STEALHOOKバックドアを使用。DLL投下で平文パスワードを抽出。Ngrokでトンネル。 https://t.co/y1XhMtalKV
@__kokumoto
24 Dec 2024
1817 Impressions
3 Retweets
15 Likes
4 Bookmarks
1 Reply
1 Quote
OilRig (APT34) specializes in: ⚙️ Exploiting zero-days (CVE-2024-30088) 📊 Obfuscation & evasion tactics 🔑 Credential theft Learn how this advanced group operates and how to defend against them. 👉 Full analysis: https://t.co/SGHOc0W23s #CyberSecurity #APT34 #OilRig
@PicusSecurity
24 Dec 2024
2267 Impressions
14 Retweets
39 Likes
18 Bookmarks
0 Replies
0 Quotes
🔴 #Windows Kernel Elevation of Privilege Vulnerability (#CVE-2024-30088) (Critical) - Critical https://t.co/kJ0veSPjO9
@dailycve
29 Nov 2024
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-30088
@transilienceai
25 Oct 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-30088 is getting exploited #inthewild. Find out more at https://t.co/QiT95nLyZp CVE-2021-4444 is getting exploited #inthewild. Find out more at https://t.co/uq5M6rwnfk CVE-2024-40711 is getting exploited #inthewild. Find out more at https://t.co/T1KmDbBwqH
@inthewildio
23 Oct 2024
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyberattacchi di OilRig nel Medio Oriente: analisi approfondita Sicurezza Informatica, apt34, CVE-2024-30088, Earth Simnavaz, exchange, guerra cibernetica, malware, Medio Oriente, oilrig, server https://t.co/caTMgyA03z https://t.co/1dmBNngLOb
@matricedigitale
22 Oct 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ThreatProtection Read more about Symantec Data Center Security (DCS) protection against CVE-2024-30088. https://t.co/1CTnMfBTxr #Vulnerability
@threatintel
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
گروه هکری ایرانی با نام Earth Simnavaz با استفاده از تکنینک های پیچیده اقدام به دسترسی به سرورها و شبکه های امارات نموده اند. این گروه هکری با اکسپلویت کردن آسیب پذیری مربوط به Exchange با کد شناسایی CVE-2024-30088 اقدام به سرقت اطلاعات نموده است. https://t.co/Y2P1U3eX7Y https://
@AmirHossein_sec
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF7733FD-F870-4578-A567-9900AD6C78E3",
"versionEndExcluding": "10.0.10240.20680"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "0F5BFA22-D18B-47A8-B26F-882E0910FE6B",
"versionEndExcluding": "10.0.14393.7070"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "1EA9F602-3E4B-4A9B-8D15-D8CA75CA859B",
"versionEndExcluding": "10.0.14393.7070"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B52F95E-6080-46C6-B4B6-E2B3F3E78456",
"versionEndExcluding": "10.0.17763.5936"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CEAF689-E8DB-4D3C-BC2E-B386BC077BC5",
"versionEndExcluding": "10.0.19044.4529"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "970F54FC-F4ED-49B9-BE94-96B7212FD149",
"versionEndExcluding": "10.0.19045.4529"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84ECD6C0-8C47-4D2F-82B5-4F8C0BBC5FEE",
"versionEndExcluding": "10.0.22000.3019"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E80DF17-1F27-474E-B147-9F5B6C494300",
"versionEndExcluding": "10.0.22621.3737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4258468C-56CC-45C0-B510-FC833E942876",
"versionEndExcluding": "10.0.22631.3737"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA61AAF0-D769-4287-AA5C-EFDAD067E9F1",
"versionEndExcluding": "10.0.14393.7070"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12F9D974-A968-4CBB-81D8-C73B76DD284A",
"versionEndExcluding": "10.0.17763.5936"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "498A643B-0180-4AD3-BD7C-5E3CEB0FD112",
"versionEndExcluding": "10.0.20348.2522"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EA59E2D-57B2-4E8B-937A-3EB51A3AD285",
"versionEndExcluding": "10.0.25398.950"
}
],
"operator": "OR"
}
]
}
]