- Description
- Windows Task Scheduler Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 6
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
- Exploit added on
- Nov 12, 2024
- Exploit action due
- Dec 3, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- NVD-CWE-noinfo
- secure@microsoft.com
- CWE-287
- Hype score
- Not currently trending
#threatreport #LowCompleteness Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time | 15-02-2025 Source: https://t.co/p7Shx8IIy0 Key details below ↓ 💀Threats: Lockbit, Glupteba, Romcom_rat, 🔓CVEs: CVE-2024-49039 \[[Vulners](https://t.co/EFNC8EcyZn)] - CVSS V3.1:…
@rst_cloud
15 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/JxXsmCb7w8 https://t.co/TxtPcFl50p
@NickBla41002745
13 Dec 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49039로 식별된 Windows 작업 스케줄러의 중대한 제로데이 취약성 에 대한 개념 증명(PoC) 익스플로잇이 공개되었습니다 . 야생에서 활발하게 악용되고 있는 이 권한 상승 결함은 전 세계 Windows 사용자에게 상당한 위협을 가하고 있습니다.
@YoonjaeN21
9 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/f42l3yqRbw https://t.co/TjBVukkrIB
@Trej0Jass
8 Dec 2024
175 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/nCSTIcMMoQ https://t.co/s4oP1QICCW
@NickBla41002745
6 Dec 2024
160 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - je5442804/WPTaskScheduler_CVE-2024-49039: WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler
@CyberM4te
6 Dec 2024
157 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-49039: Windows Task Scheduler EoP https://t.co/EGadnpuUwM 2. CVE-2024-44308: Apple Safari JavaScriptCore RCE https://t.co/ixNxb7ZROn 3. CVE-2024-8672: Authenticated Contributor RCE in Widget Options Plugin https://t.co/4Z7DoclzIe
@akaclandestine
5 Dec 2024
1171 Impressions
6 Retweets
13 Likes
11 Bookmarks
0 Replies
0 Quotes
🚨 RomCom Group Exploits Critical Zero-Days!🚨 CVE-2024-9680 (Firefox) CVE-2024-49039 (Windows) #CyberSecurity #ZeroDay #RomComGroup #infosec https://t.co/WtjLbdLV4T
@decrypting_sec
5 Dec 2024
168 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49039: Windows Task Scheduler EoP https://t.co/syDh3T8wKU
@ShaiiikShoaiiib
4 Dec 2024
94 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
#exploit 1. CVE-2024-49039: Windows Task Scheduler EoP https://t.co/bnmDNN2g0C 2. CVE-2024-44308: Apple Safari JavaScriptCore RCE https://t.co/Dtori8bcJ7 3. CVE-2024-8672: Authenticated Contributor RCE in Widget Options Plugin https://t.co/DHCWp89DtD
@ksg93rd
4 Dec 2024
1333 Impressions
10 Retweets
29 Likes
17 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/dKp5G0TR3P https://t.co/lzoDqvH31f
@pcasano
4 Dec 2024
22 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Files in Word; Sat Receiver DDoS Agent; Veeam Vuln; CVE-2024-49039 PoC; https://t.co/h8cH1CGets https://t.co/yaFgpD8y1C
@sans_isc
4 Dec 2024
1753 Impressions
1 Retweet
5 Likes
1 Bookmark
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/lxKOiRN55s https://t.co/RphAU50zi2
@IT_Peurico
3 Dec 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zero-Day Exploit Code Released for Windows Task Scheduler Flaw (CVE-2024-49039), Actively Exploited by RomCom Group https://t.co/XRrouZUz7O
@Dinosn
3 Dec 2024
11190 Impressions
67 Retweets
191 Likes
97 Bookmarks
2 Replies
3 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/iASd6FaQgC https://t.co/pQasmud8Ez
@TechMash365
3 Dec 2024
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windowsタスクスケジューラのゼロデイ脆弱性CVE-2024-49039に対応するPoC(攻撃の概念実証コード)が公開された。CVE-2024-49039は権限昇格の脆弱性。既にサイバー犯罪集団RomComにより悪用されている。 https://t.co/YvsKNA3PUJ
@__kokumoto
3 Dec 2024
1166 Impressions
3 Retweets
16 Likes
8 Bookmarks
1 Reply
0 Quotes
The latest Patch Tuesday update includes a dangerous Windows Task Scheduler vulnerability (CVE-2024-49039) that could give attackers elevated access to your systems. Protect your infrastructure by applying this patch immediately. https://t.co/5H4iv6HVdb
@Shift6Security
2 Dec 2024
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft's November Patch Tuesday addresses 89 vulnerabilities, including 2 zero-days actively exploited. CVE-2024-49039 impacts Task Scheduler. #Microsoft #cybersecurity https://t.co/7L2akYUhqw
@coulter_johnson
1 Dec 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
3/11 Understand the severity of CVE-2024-49039 in @Windows Task Scheduler, leading to privilege escalation. @Microsoft has patched it, but what's the real damage? #WindowsSecurity #CyberDefense ⚠️
@Eth1calHackrZ
30 Nov 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/RDNXmXNeK4 https://t.co/iSot4XacYA
@Art_Capella
29 Nov 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/T7yfIurPol https://t.co/HBPpPCNfJc
@dansantanna
29 Nov 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom hackers exploit Firefox CVE-2024-9680 and Windows CVE-2024-49039 zero-day vulnerabilities to execute arbitrary code and install backdoors without user interaction. https://t.co/mDmm3KmWob https://t.co/4T8VA9WxIo
@Trej0Jass
29 Nov 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ALERTA CRÍTICA DE CIBERSEGURIDAD 🚨 Detectado ataque del grupo ruso RomCom usando Firefox/Thunderbird: Vulnerabilidad zero-click No requiere interacción Afecta empresas en 🇪🇸 y 🇲🇽 Instala backdoor para espionaje CVE-2024-9680 / CVE-2024-49039 🧵[1/2]
@LeonelM41262107
28 Nov 2024
32 Impressions
1 Retweet
1 Like
0 Bookmarks
1 Reply
0 Quotes
#threatreport #MediumCompleteness RomCom Backdoor Attacks Use Zero-Day Exploits in Mozilla and Windows (CVE-2024-9680 & CVE-2024-49039) | 27-11-2024 Source: https://t.co/B4r38QE6R3 Key details below ↓ https://t.co/jXyrAKrhpS
@rst_cloud
28 Nov 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A research by #ESET has discovered that there have been multiple attacks using the recently reported CVE-2024-9680 and CVE-2024-49039 #vulnerabilities for #Firefox and #Windows https://t.co/dhAZiyvafK
@anemboca
27 Nov 2024
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom Backdoor Attacks Use Zero-Day Exploits in Mozilla and Windows (CVE-2024-9680 & CVE-2024-49039) https://t.co/kOi98IW9Ur #security #feedly
@go_stripe
27 Nov 2024
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability has been found within Windows Task Scheduler that enables privilege escalation through improper authentication - get the rundown on CVE-2024-49039 here. 🔗https://t.co/VxDi7U3hq5 #itsecurity #cybersecurity
@TrueFort
27 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Russian hackers exploited Firefox (CVE-2024-9680, CVSS 9.8) & Windows (CVE-2024-49039, CVSS 8.8) zero-days to run malicious code. Discovered Oct 8 by ESET. Patches: Mozilla (24hrs), Microsoft (Nov 12, KB5046612). Update now! 🔒#Cybersecurity Source: https://t.co/wvEK7p3r
@ANlKsaha
27 Nov 2024
46 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
RomCom (Storm-0978) exploited @firefox (CVE-2024-9680) & @Windows (CVE-2024-49039) zero-days. - CVE-2024-9680: RCE in Firefox’s content process, bypassing Tor Browser sandbox. No interaction, low complexity. - CVE-2024-49039: Code execution outside sandbox via Windows task
@cybercitizen7
27 Nov 2024
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom Exploits Zero-Days in Firefox (CVE-2024-9680) & Windows (CVE-2024-49039) with No User Interaction Delve into the details of RomCom's sophisticated cyberattack, exploiting zero-day vulnerabilities in Firefox and Windows. https://t.co/Gy6CLvJMTv
@the_yellow_fall
27 Nov 2024
1053 Impressions
8 Retweets
20 Likes
8 Bookmarks
0 Replies
0 Quotes
Russian RomCom is exploiting twin bugs #Romcom #CVE-2024-9680 #CVE-2024-49039 https://t.co/bLzDJUnt4t
@pravin_karthik
27 Nov 2024
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RomCom sfrutta vulnerabilità zero-day in Firefox e Windows Sicurezza Informatica, CVE-2024-49039, CVE-2024-9680, cybercrime, Mozilla Firefox, romcom, sandbox escape, windows, zero-day https://t.co/t0HyMAHBla https://t.co/AgOwf5PbAu
@matricedigitale
26 Nov 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RCE in Mozilla and Privilege Escalation in MS Windows: New Kill Chain Used in the Wild by Threat Actor. Make sure you patch your OS and web browser now! 💻 🦊 🔥 CVE-2024-9680 (CVSS score: 9.8) Firefox CVE-2024-49039 (CVSS score: 8.8) Windows Research: https://t.co/3xL7RSfWgL h
@it4sec
26 Nov 2024
162 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
Threat report for CVE-2024-49039 continued.... Detections/Hunting Queries Microsoft Defender Vulnerability Management Microsoft Defender Vulnerability Management surfaces devices vulnerable to the following security issues in the Endpoints exposure tab of this report:… https://t.
@no1RedTeam
25 Nov 2024
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
November 2024 Microsoft Patch Tuesday Summary 4 zero-day vulnerabilities addressed: Two of which with CVE-2024-49039 and CVE-2024-43451 exploited in the wild. #PatchNOW #cybersecurity #Windows #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #DataBreach htt
@haker_teach
23 Nov 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-49039
@transilienceai
21 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039) https://t.co/KtgRSaHTBo https://t.co/rbZI1xAFug
@NickBla41002745
20 Nov 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49039 is getting exploited #inthewild. Find out more at https://t.co/AJsoh7ru2y CVE-2024-4741 is getting exploited #inthewild. Find out more at https://t.co/UGfCxJVbNl CVE-2024-9465 is getting exploited #inthewild. Find out more at https://t.co/qeG2n7ew9k
@inthewildio
19 Nov 2024
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat report for CVE-2024-49039 continued... Microsoft CTI has the following to say: Exploitation Activity Microsoft Threat Intelligence has observed exploitation of this vulnerability in the wild prior to disclosure, including mid-October exploitation activity leading to… ht
@no1RedTeam
19 Nov 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New threat report! This is what Microsoft CTI has to say about CVE-2024-49039 - Windows Task Scheduler A Windows sandbox escape vulnerability exists in the Windows Task Scheduler remote procedure call (RPC) interface. A threat actor must have access to a compromised system to…
@no1RedTeam
18 Nov 2024
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Confirms Zero-Day Exploitation of Task Scheduler Flaw (CVE-2024-49039) - https://t.co/yyioShZw9q
@SecurityWeek
13 Nov 2024
2316 Impressions
10 Retweets
20 Likes
2 Bookmarks
1 Reply
0 Quotes
Microsoft warns of active exploits targeting vulnerabilities in NTLM (CVE-2024-43451) and Task Scheduler (CVE-2024-49039), which could lead to NTLMv2 hash disclosure and privilege escalation. For details, see the November Patch Tuesday update: https://t.co/meHAJePOJX #infosec
@khashayar_nzk
13 Nov 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039) https://t.co/mTDIXUJouZ https://t.co/YwIjps6XaW
@secured_cyber
13 Nov 2024
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039) https://t.co/SR9Hd87GS5 https://t.co/EZr8fNOq1l
@secured_cyber
13 Nov 2024
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039) https://t.co/mBLLrT6oWZ https://t.co/P54jkhbYOD
@ggrubamn
13 Nov 2024
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In November 2024, Microsoft released its Patch Tuesday updates, addressing 90 security vulnerabilities across its products, including four zero-day vulnerabilities, two of which (CVE-2024-49039 and CVE-2024-43451) were already being exploited. These updates covered critical… http
@XArthurDent
13 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039) https://t.co/xmATAZn3Et https://t.co/Pg0kQYNpr6
@Art_Capella
13 Nov 2024
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
マイクロソフト、タスクスケジューラーの脆弱性(CVE-2024-49039)を悪用したゼロデイ攻撃を確認 https://t.co/23Ctda8TEa #izumino_trend
@sec_trend
13 Nov 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft 製品の脆弱性対策について(2024年11月) この内 CVE-2024-43451、CVE-2024-49039 の脆弱性について、Microsoft 社では悪用の事実を確認済みと公表しており、今後被害が拡大するおそれがあるため、至急、更新プログラムを適用してください。 https://t.co/c5AJ002PVW
@es_service23
13 Nov 2024
229 Impressions
5 Retweets
12 Likes
0 Bookmarks
0 Replies
0 Quotes
Belangrijke beveiligingsupdate voor microsoft windows task scheduler: cve-2024-49039 https://t.co/Q47L1NfWO5 #CVE-2024-49039 #Windows Task Scheduler kwetsbaarheid #Microsoft beveiligingsupdate #Privilege escalatie exploit #CVE beveiligingsadvies #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "94D57126-EC8D-4898-A5FE-D7EB6463B634",
"versionEndExcluding": "10.0.10240.20826"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "54AA8A1F-0EAD-406A-A4AF-B86C316D1089",
"versionEndExcluding": "10.0.10240.20826"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "86F8F1B2-C206-4CD6-83C6-C450329CEE10",
"versionEndExcluding": "10.0.14393.7515"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "FCBE6103-075E-4841-836D-4E0D630E99FF",
"versionEndExcluding": "10.0.14393.7515"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "81C732A1-CC0F-4633-B00D-473869E77DB9",
"versionEndExcluding": "10.0.17763.6532"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AF9C20B8-CB5E-46C9-B041-D6A42C26703B",
"versionEndExcluding": "10.0.17763.6532"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "71AD0B79-C3EF-4E13-AB04-D5FAEABA6954",
"versionEndExcluding": "10.0.19044.5131"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "B35413A3-DE3B-4E35-AB48-C6D5D138AC07",
"versionEndExcluding": "10.0.19044.5131"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "D0558F5F-A561-41E9-9242-7F4A5D924479",
"versionEndExcluding": "10.0.19044.5131"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "EA243DE7-EDB1-43DA-AD7E-541843DECB58",
"versionEndExcluding": "10.0.19045.5131"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "5D428E06-FC7C-4151-9582-D66D05D7AFE6",
"versionEndExcluding": "10.0.19045.5131"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "FB49C811-F4D7-46EB-9ED6-50CB3EAAAD90",
"versionEndExcluding": "10.0.19045.5131"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "04BC0915-6F14-4D7A-951F-83CBAB47C3C4",
"versionEndExcluding": "10.0.22621.4460"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "8A16CFCB-D002-4F63-B568-9D14ACE88E94",
"versionEndExcluding": "10.0.22621.4460"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "B8FE14E5-7226-43CA-A57E-A81636185AD4",
"versionEndExcluding": "10.0.22631.4460"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "97507261-3969-4EBF-BCED-93FBADCBB6DC",
"versionEndExcluding": "10.0.22631.4460"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "D32C04CA-E5BE-47CA-AF79-B39859288531",
"versionEndExcluding": "10.0.26100.2314"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "40A6B92E-21C6-4BDD-BA57-DC227FF0F998",
"versionEndExcluding": "10.0.26100.2314"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82E3AC46-9D0D-4381-93EE-FE87C212040A",
"versionEndExcluding": "10.0.14393.7515"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A43E1F6C-B2A7-4DEC-B4EC-04153746C42B",
"versionEndExcluding": "10.0.17763.6532"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641",
"versionEndExcluding": "10.0.20348.2849"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975",
"versionEndExcluding": "10.0.25398.1251"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054",
"versionEndExcluding": "10.0.26100.2314"
}
],
"operator": "OR"
}
]
}
]