Request a Demo
Rewterz
More Than 3 Million Unencrypted Mail Servers Vulnerable to Sniffing Attacks
January 3, 2025
Rewterz
LDAPNightmare PoC Exploit Unleashes DoS and RCE Threats on Windows Servers
January 4, 2025

Multiple Microsoft Windows Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-43449 CVSS:6.8

Microsoft Windows could allow a physical attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the USB Video Class System driver. By executing a specially crafted program, an attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43646 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Secure Kernel Mode component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43643 CVSS:6.8

Microsoft Windows could allow a physical attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the USB Video Class System driver. By executing a specially crafted program, an attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43631 CVSS:6.7

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Secure Kernel Mode component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43634 CVSS:6.8

Microsoft Windows could allow a physical attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the USB Video Class System driver. By executing a specially crafted program, an attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43637 CVSS:6.8

Microsoft Windows could allow a physical attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the USB Video Class System driver. By executing a specially crafted program, an attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43638 CVSS:6.8

Microsoft Windows could allow a physical attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the USB Video Class System driver. By executing a specially crafted program, an attacker could exploit this vulnerability to gain SYSTEM privileges.

CVE-2024-43645 CVSS:6.7

Microsoft Windows Defender Application Control (WDAC) could allow a local authenticated attacker to bypass security restrictions. An attacker could exploit this vulnerability to bypass the security feature.

Impact

  • Privilege Escalation
  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2024-43449
  • CVE-2024-43646
  • CVE-2024-43643
  • CVE-2024-43631
  • CVE-2024-43634
  • CVE-2024-43637
  • CVE-2024-43638
  • CVE-2024-43645

Affected Vendors

Microsoft

Affected Products

  • Microsoft Windows 10 Version 1809 - 10.0.0
  • Microsoft Windows 10 Version 21H2 - 10.0.0
  • Microsoft Windows 11 version 22H2 - 10.0.0
  • Microsoft Windows Server 2019 - 10.0.0
  • Microsoft Windows Server 2019 (Server Core installation) - 10.0.0
  • Microsoft Windows Server 2022 - 10.0.0
  • Microsoft Windows Server 2012 R2 - 6.3.0
  • Microsoft Windows Server 2012 - 6.2.0
  • Microsoft Windows Server 2012 (Server Core installation) - 6.2.0
  • Microsoft Windows Server 2025 - 10.0.0 - 10.0.0
  • Microsoft Windows Server 2025 (Server Core installation) - 10.0.0 - 10.0.0
  • Microsoft Windows 10 Version 22H2 - 10.0.0 - 10.0.0

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-43449

CVE-2024-43646

CVE-2024-43643

CVE-2024-43631

CVE-2024-43634

CVE-2024-43637

CVE-2024-43638

CVE-2024-43645