CVE-2024-30038
Published: 14 May 2024
Summary
CVE-2024-30038 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows 10 1507. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 7.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-30038 is an elevation-of-privilege vulnerability in the Win32k component of the Windows kernel, disclosed on 14 May 2024. The flaw is tracked under CWE-122 and carries a CVSS 3.1 score of 7.8, reflecting local attack vector, low attack complexity, and low privileges required to reach full confidentiality, integrity, and availability impact.
A local attacker who already possesses a low-privileged user account on an affected Windows system can exploit the issue to escalate to higher privileges, typically SYSTEM-level access, without user interaction. Successful exploitation grants the attacker the ability to execute arbitrary code with kernel rights, install persistent malware, or access sensitive data and resources otherwise protected from the original account.
Microsoft’s security advisory for CVE-2024-30038 directs administrators to apply the corresponding security update released through Windows Update and the Microsoft Update Catalog. The update addresses the underlying memory-corruption condition in Win32k and is rated as an important fix for supported Windows versions.
EPSS for the CVE remains modest, with a recorded peak of 0.0944 and a current value of 0.0845; no material upward trajectory after disclosure has been observed.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-27978
Vulnerability details
Win32k Elevation of Privilege Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.