AI description
Verified by IntruderCVE-2024-49138 is an elevation of privilege vulnerability found in the Windows Common Log File System (CLFS) driver. Attackers can exploit this vulnerability by creating malicious CLFS log files. Successful exploitation allows them to execute commands with elevated system privileges, potentially granting control over the affected system. This vulnerability affects various Windows systems, including both workstation and server environments running supported Windows versions. Exploitation can occur locally, meaning an attacker needs some level of access to the system, either physically or remotely, or they might deceive a user into triggering the exploit. The vulnerability stems from a heap-based buffer overflow within the CLFS driver, leading to improper permission handling and ultimately allowing unauthorized privilege escalation.
- Description
- Windows Common Log File System Driver Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
- Exploit added on
- Dec 10, 2024
- Exploit action due
- Dec 31, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-122
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1 by @hnsec https://t.co/mdBIfGHDsz https://t.co/OAgfjGlLlC https://t.co/EGCA72tjYV
@alexjplaskett
4 Feb 2025
3076 Impressions
15 Retweets
61 Likes
28 Bookmarks
1 Reply
0 Quotes
CVE-2024-49138: Windows LPE in CLFS.sys PATCHED: Dec 10, 2024 https://t.co/gNgAol7Tsg Tested on Windows 11 23h2 #git #exploit #lpe #pentest #redteam https://t.co/vIFVEkTEvz
@HackingTeam777
30 Jan 2025
390 Impressions
2 Retweets
8 Likes
0 Bookmarks
0 Replies
0 Quotes
#CVE-2024-49138: 🇷🇺 #Exploit: Privilege Elevation e9db0f7d691a65389c1164cd61aef1d7 0eacfecd84a50fde9c567ecec0dd6982 5f46db361727b678746dac71a5ffb1b0 9b7b9c9193964fcc52a1a83d8476d2a7 e0e17eea7e37082edd64f44f00ed998c https://t.co/3jcSc3b1TA #infosec #security #threatintel #TO
@RakeshKrish12
30 Jan 2025
1144 Impressions
7 Retweets
32 Likes
6 Bookmarks
0 Replies
0 Quotes
2025-01-29 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― cve-2024-49138 Archives - hn security https://t.co/qs7ngSRha4 https://t.co/SvgEsu8i8y
@motikan2010
30 Jan 2025
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windows CLFS heap-based buffer overflow analysis (CVE-2024-49138) – Part 1 : https://t.co/ilXqU01GRt credits @MrAle_98 https://t.co/6mgqU0tioS
@binitamshah
29 Jan 2025
4508 Impressions
19 Retweets
89 Likes
30 Bookmarks
0 Replies
0 Quotes
Hey there, Blog posts on CVE-2024-49138 are finally out. https://t.co/7SD0Dj8PRP
@MrAle_98
29 Jan 2025
7077 Impressions
38 Retweets
85 Likes
34 Bookmarks
1 Reply
0 Quotes
CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis https://t.co/c59jxdktGd https://t.co/N8vCNOsBrw
@secharvesterx
29 Jan 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
After releasing his PoC for CVE-2024-49138, @MrAle_98 is back with 2 new articles that provide background on Windows CLFS, analyze 2 distinct vulnerabilities patched by Microsoft’s KB5048685, and describe how to exploit them. https://t.co/69FQvsv5n0 https://t.co/LTkOGvCXVT
@hnsec
29 Jan 2025
2629 Impressions
21 Retweets
47 Likes
11 Bookmarks
0 Replies
0 Quotes
Windows Common Log File System Zero-day Vulnerability (CVE-2024-49138) Exploited https://t.co/l9SqQa5N36
@GrandCunck
27 Jan 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
For who is waiting for a blog post on CVE-2024-49138 here some info: The vulnerabilities are in LoadContainerQ() and WriteMetadataBlock(). Can be exploited tampering pContainer. Here a screenshot with a tampered pContainer in RCX. https://t.co/nsUVHMVY4q
@MrAle_98
27 Jan 2025
8254 Impressions
17 Retweets
94 Likes
38 Bookmarks
1 Reply
0 Quotes
El Gobierno de México alertó: Alerta de Seguridad: Vulnerabilidad CVE-2024-49138 en Windows. Se ha identificado la vulnerabilidad CVE-2024-49138, clasificada como un _zero day_, que permite a atacantes obtener acceso no autorizado a dispositivos con Windows. Esto puede resultar
@Ulul4r
26 Jan 2025
7064 Impressions
8 Retweets
13 Likes
2 Bookmarks
1 Reply
2 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-49138 2 - CVE-2024-43468 3 - CVE-2024-50050 4 - CVE-2025-20156 5 - CVE-2020-11023 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Jan 2025
167 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
⚠️ FREE SOC Alert: CVE-2024-49138 Exploitation Detected Attackers exploit CVE-2024-49138 by gaining low-privilege access, triggering a buffer overflow to escalate privileges. 🛡️ CVE: CVE-2024-49138 🙍 Role: Security Analyst 🌀 Type: Privilege Escalation 🔢 Event ID: 313 https
@LetsDefendIO
25 Jan 2025
4567 Impressions
25 Retweets
114 Likes
38 Bookmarks
0 Replies
0 Quotes
CVE-2024-49138 is a zero-day vulnerability in the Windows CLFS driver. This flaw allows SYSTEM-level privilege escalation. Microsoft has released a patch in December 2024 updates. https://t.co/4JrKmsVhky
@Teemu_Tiainen
21 Jan 2025
86 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-50603 2 - CVE-2023-34960 3 - CVE-2024-49138 4 - CVE-2024-12084 5 - CVE-2025-21210 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
21 Jan 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windowsのゼロデイ脆弱性(CVE-2024-49138)のPoCエクスプロイトが公開されました。ゼロデイ攻撃に悪用される可能性があるので、未対応者は今すぐ対応する事をお勧めします。 https://t.co/pBXdNNDIAZ
@01Programing
21 Jan 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC para vulnerabilidad Zero-Day en Windows (CVE-2024-49138). Esta falla, tiene una puntuación CVSS de 7,8 y permite a los atacantes obtener privilegios de SYSTEM en los dispositivos afectados. #ciberseguridad #cybersecurity https://t.co/K8Wb9V6nRf
@EHCGroup
20 Jan 2025
29 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC para vulnerabilidad Zero-Day en Windows (CVE-2024-49138) https://t.co/1PVeegDAkT
@SeguInfo
20 Jan 2025
798 Impressions
2 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
New PoC exploit for zero-day CVE-2024-49138 in Windows CLFS Driver reveals a critical elevation of privilege flaw (CVSS 7.8). Microsoft confirms active exploitation. Update systems! ⚠️ #Windows #ZeroDay #USA link: https://t.co/h0UXAQVhVz https://t.co/506AwKfb1h
@TweetThreatNews
20 Jan 2025
99 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Windows Common Log File System Zero-day Vulnerability (CVE-2024-49138) Exploited https://t.co/yn5pPw9YvF
@SecurityAid
20 Jan 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zero-Day Vulnerability in Windows Exploited, Windows Common Log File System (CLFS) Driver: CVE-2024-49138 PoC Code Released https://t.co/tDMf4WvOSE
@Dinosn
20 Jan 2025
12184 Impressions
105 Retweets
267 Likes
104 Bookmarks
1 Reply
1 Quote
Zero-Day Vulnerability in Windows Exploited: CVE-2024-49138 PoC Code Released Adding to the urgency, security researcher MrAle_98 released a proof-of-concept (PoC) exploit for CVE-2024-49138 on GitHub https://t.co/ISQVUEFMyg
@the_yellow_fall
20 Jan 2025
1882 Impressions
10 Retweets
49 Likes
14 Bookmarks
0 Replies
1 Quote
CVE-2024-49138 poc windows CLFS.sys提权漏洞 https://t.co/XAvMnvaQJO https://t.co/S2bIYztVvh
@gov_hack
17 Jan 2025
309 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-49138: LPE in CLFS.sys (Win11 23H2) - https://t.co/n13JTSDT4v 2. CVE-2024-44243: macOS SIP bypass through kernel extensions - https://t.co/H68UgoO62L 3. CVE-2025-21385: SSRF in MS Purview - https://t.co/WcS5T5Hr3w
@ksg93rd
17 Jan 2025
180 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
The Elevation of Privilege - #Windows Common Log File System Driver (CVE-2024-49138) has become more critical. A public exploit for it appeared on January 15th. It was developed by Alessandro Iandoli from @hnsec. #CLFS #HNSecurity ➡️ https://t.co/LT5nz03eJX https://t.co/Y7h9zCok
@leonov_av
16 Jan 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025-01-15 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― GitHub - MrAle98/CVE-2024-49138-POC: POC exploit for CVE-2024-49138 https://t.co/RVMNQhS2Xr https://t.co/8FjwweN1la
@motikan2010
16 Jan 2025
155 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
What has become known about the Elevation of Privilege - #Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later? Almost nothing. 🙄 #CLFS #CrowdStrike ➡️ https://t.co/06vTziELK5 https://t.co/W8wCKrVVoD
@leonov_av
15 Jan 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
While waiting for a blog post about CVE-2024-49138 you can start reading this (It share similarities with poc for CVE-2024-49138)🙂: https://t.co/mhgjApr0eo
@MrAle_98
15 Jan 2025
4506 Impressions
17 Retweets
67 Likes
33 Bookmarks
0 Replies
0 Quotes
I've been analyzing newly disclosed vulnerabilities in popular systems, including Mitel MiCollab (CVE-2024-41713, CVE-2024-35286), Zyxel Firewalls (CVE-2024-11667), and Microsoft Windows (CVE-2024-35250, CVE-2024-49138). Ivanti is also affected (CVE-2025-0282, CVE-2025-0283).
@agentwhitehat
15 Jan 2025
232 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Finally finished to develop an exploit for CVE-2024-49138: vulnerability in CLFS.sys. exploit code: https://t.co/ibsmECkYvp I'll provide a detailed analysis in a blog post. https://t.co/4mXU41OBaJ
@MrAle_98
15 Jan 2025
27184 Impressions
77 Retweets
328 Likes
163 Bookmarks
2 Replies
2 Quotes
Threat Alert: Fake LDAPNightmare exploit on GitHub spreads infostealer malware CVE-2024-49112 CVE-2024-49113 CVE-2024-49138 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/ifVGosLGvd #CyberSecurity #ThreatIntel #InfoSec (1/3)
@fletch_ai
14 Jan 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Threat Alert: Critical Windows LDAP flaw could lead to crashed servers, RCE attacks CVE-2024-49112 CVE-2024-49113 CVE-2024-49138 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/ifVGosLGvd #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
4 Jan 2025
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49138に今更ながら興味出てきた
@cloverfish300
2 Jan 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138) https://t.co/Pt7g27ikvh https://t.co/J6LwmjhrYw
@NickBla41002745
25 Dec 2024
28 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Security Updates are here. This month, CVE-2024-49138—a privilege escalation vulnerability in the Windows Common Log File System Driver—stands out, with exploitation already detected. @treguly #PatchTuesday #CyberSecurity
@cybernated_DAM
25 Dec 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Detectada vulnerabilidad "Zero Day" CVE-2024-49138 que afecta @Windows 10, 11, Server 2019 y 2022. Actualiza tus sistemas, evita enlaces dudosos y monitorea actividad sospechosa. 🖥️🔒 #observadormx https://t.co/8ABe4ejaRA
@_observadormx
24 Dec 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Security Updates are here. This month, CVE-2024-49138—a privilege escalation vulnerability in the Windows Common Log File System Driver—stands out, with exploitation already detected. https://t.co/pFKNBrSuQl @treguly #PatchTuesday #CyberSecurity
@TripwireInc
23 Dec 2024
130 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138) https://t.co/aY5kIm7xny https://t.co/fFr5UoO4Dy
@dansantanna
20 Dec 2024
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Security Updates are here. This month, CVE-2024-49138—a privilege escalation vulnerability in the Windows Common Log File System Driver—stands out, with exploitation already detected. https://t.co/IFX5kutv4P @treguly #PatchTuesday #CyberSecurity
@TripwireInc
19 Dec 2024
187 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Windows-Sicherheitslücken: Admins müssen dringend handeln Microsoft schließt mehrere kritische Sicherheitslücken in Windows-Desktop- und Server-Versionen, die aktuell aktiv von Angreifern ausgenutzt werden. Besonders betroffen ist die Schwachstelle CVE-2024-49138, die es… https:
@tec4net
18 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138) https://t.co/ax4daEk4H5 https://t.co/VQxjAWJb0V
@Art_Capella
17 Dec 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Releases Urgent Patch for Exploited Zero-Day Microsoft has released patches for over 70 documented security defects and actively exploited zero-day vulnerability in the Windows Common Log File System (CLFS). The vulnerability tracked as CVE-2024-49138, has a CVSS score…
@WarrenTevora
17 Dec 2024
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cybersecurity WOTW: Spray Attacks Actively Exploited Vulnerabilities Include: • Cleo File Upload (CVE-2024-50623) • Microsoft CLFS Buffer Overflow (CVE-2024-49138) • Ivanti Connect Secure Command Injection (CVE-2024-21887) 👉Read the blog: https://t.co/mLYWd1ZfIJ https://t.co/
@GradientCyber
16 Dec 2024
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49138 is getting exploited #inthewild. Find out more at https://t.co/4vzA9Bo0Tc CVE-2024-50623 is getting exploited #inthewild. Find out more at https://t.co/nxYHjmvoLI
@inthewildio
16 Dec 2024
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138) https://t.co/vxEGib1MvS https://t.co/qI89ipAagU
@Trej0Jass
16 Dec 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft’s December 2024 Security Updates are here. This month, CVE-2024-49138—a privilege escalation vulnerability in the Windows Common Log File System Driver—stands out, with exploitation already detected. https://t.co/0smP6X51vf @treguly #PatchTuesday #CyberSecurity
@TripwireInc
15 Dec 2024
298 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
𝐖𝐢𝐧𝐝𝐨𝐰𝐬 𝐙𝐞𝐫𝐨-𝐃𝐚𝐲 𝐄𝐱𝐩𝐥𝐨𝐢𝐭 𝐅𝐨𝐮𝐧𝐝 According to PCMag, Microsoft released security updates for Windows 10 and 11 PCs on Tuesday addressing a high-severity bug actively exploited by attackers. The vulnerability, known as CVE-2024-49138, grants attackers… htt
@TechBuzzRecap
14 Dec 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft has released critical updates for Windows 10 and 11 to address a high-severity vulnerability that's been actively exploited. The flaw, CVE-2024-49138, is a "Common Log File System Driver Elevation of Privilege Vulnerability" that can allow attackers system privileges. h
@PCMag
14 Dec 2024
1801 Impressions
2 Retweets
6 Likes
2 Bookmarks
2 Replies
0 Quotes
📣 Patch Tuesday content packMicrosoft resolved 70 vulnerabilities, incl. 16 critical flaws + an exploited zero-day (CVE-2024-49138). Third-party vendors like Google, Cisco, & Apple also released critical updates. 🔗 Key resources: Patch insights: https://t.co/Ii2IvrcdBj… ht
@Action1corp
13 Dec 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#DOYOUKNOWCVE CISA Alert! CVE-2024-49138 - Heap-Based Buffer Overflow Vulnerability in Microsoft Windows Common Log File System (CLFS) Driver. The flaw allows attackers to execute malicious code with elevated privileges, potentially compromising the target system. It is part…
@Loginsoft_Inc
13 Dec 2024
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "10F567C3-3739-4F3D-B9E0-D2725D09CE0D",
"versionEndExcluding": "10.0.10240.20857"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "04D1F48B-C323-4062-B5E1-9700ADBB153C",
"versionEndExcluding": "10.0.10240.20857"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "29B44B5E-3D35-4A5B-A916-6E70923FAB7C",
"versionEndExcluding": "10.0.14393.7606"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "77EAFFB9-3053-4197-B52D-69F4F86C8FBA",
"versionEndExcluding": "10.0.14393.7606"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "5FA7C375-3A7C-4F34-B6E7-82C187B4F7AF",
"versionEndExcluding": "10.0.17763.6659"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "576F141F-C874-4817-961A-2C4D2AB3DEA4",
"versionEndExcluding": "10.0.17763.6659"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "2BD1D819-7D27-4181-9672-0F1DC6F15BA1",
"versionEndExcluding": "10.0.19044.5247"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "6DF22110-AA81-4D46-BE27-A3F70112AD44",
"versionEndExcluding": "10.0.19044.5247"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "A374923B-799C-4057-9C77-DE03A20FF4FE",
"versionEndExcluding": "10.0.19044.5247"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "979EA48D-ED87-4852-B436-D730A9130BA9",
"versionEndExcluding": "10.0.19045.5247"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "1FA81A8A-13B7-4180-8F8E-9079F6C82353",
"versionEndExcluding": "10.0.19045.5247"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "9ACEFC50-0F9A-45DF-9002-B823DAE1FE97",
"versionEndExcluding": "10.0.19045.5247"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "C928D5FD-9F91-4BC7-A151-76B72F9539B3",
"versionEndExcluding": "10.0.22621.4602"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "943E002C-645E-4AA0-B15A-621B79DF97A5",
"versionEndExcluding": "10.0.22621.4602"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "ED3FE198-9DED-4108-AFAC-3BBF93AC7779",
"versionEndExcluding": "10.0.22631.4602"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "3B0A1BFF-C699-4863-AAEC-0F304BB3255C",
"versionEndExcluding": "10.0.22631.4602"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "8F34994C-CF51-49A4-8985-9B0C6EF1C3A2",
"versionEndExcluding": "10.0.26100.2605"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "40E04CC5-22CA-4D16-9B1F-695277A5D83E",
"versionEndExcluding": "10.0.26100.2605"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "C0DC57FA-88F8-4D5C-94BD-3A8B1FB8C047"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "361D1B8E-6E56-4B5F-85D1-D47114A10A81",
"versionEndExcluding": "10.0.14393.7606"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11517523-F822-45BC-B347-C65F00B45202",
"versionEndExcluding": "10.0.17763.6659"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AECABB2C-DACB-4BBD-8739-DDB00285B0A7",
"versionEndExcluding": "10.0.20348.2966"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37977CFB-B259-49B8-B0C5-85ECB40FE429",
"versionEndExcluding": "10.0.25398.1308"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E013EA3C-6F18-4CA4-AF5B-664F869B9A6D",
"versionEndExcluding": "10.0.26100.2605"
}
],
"operator": "OR"
}
]
}
]