CVE-2024-43625

Published Nov 12, 2024

Last updated 2 days ago

CVSS high 8.1

Overview

Description: Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
Source: secure@microsoft.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 6
Exploitability score: 1.4
Vector string: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
secure@microsoft.com: CWE-416

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "04BC0915-6F14-4D7A-951F-83CBAB47C3C4",
            "versionEndExcluding": "10.0.22621.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "8A16CFCB-D002-4F63-B568-9D14ACE88E94",
            "versionEndExcluding": "10.0.22621.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "B8FE14E5-7226-43CA-A57E-A81636185AD4",
            "versionEndExcluding": "10.0.22631.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "97507261-3969-4EBF-BCED-93FBADCBB6DC",
            "versionEndExcluding": "10.0.22631.4460"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "D32C04CA-E5BE-47CA-AF79-B39859288531",
            "versionEndExcluding": "10.0.26100.2314"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "40A6B92E-21C6-4BDD-BA57-DC227FF0F998",
            "versionEndExcluding": "10.0.26100.2314"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641",
            "versionEndExcluding": "10.0.20348.2849"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975",
            "versionEndExcluding": "10.0.25398.1251"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054",
            "versionEndExcluding": "10.0.26100.2314"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References