Analysis Summary

CVE-2024-37983 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, caused by an error in Resume Extensible Firmware Interface. An attacker could exploit this vulnerability to bypass the Secure Boot.

CVE-2024-43537 CVSS:6.5

Microsoft Windows is vulnerable to a denial of service, caused by a flaw in Mobile Broadband Driver. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-37982 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, caused by an error in Resume Extensible Firmware Interface. An attacker could exploit this vulnerability to bypass the Secure Boot.

CVE-2024-37979 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the Kernel component. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2024-37976 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, caused by an error in Resume Extensible Firmware Interface. An attacker could exploit this vulnerability to bypass the Secure Boot.

Impact

• Privilege Escalation
• Security Bypass
• Denial of Service

Indicators of Compromise

CVE

• CVE-2024-37983
• CVE-2024-43537
• CVE-2024-37982
• CVE-2024-37979
• CVE-2024-37976

Affected Vendors

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-37983

CVE-2024-43537

CVE-2024-37982

CVE-2024-37979

CVE-2024-37976