CVE-2024-38054
Published: 09 July 2024
Summary
CVE-2024-38054 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 3.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-38054 is an elevation of privilege vulnerability in the Kernel Streaming WOW Thunk Service Driver. It carries a CVSS 3.1 base score of 7.8 and is associated with CWE-122 and CWE-787. The flaw was published on 9 July 2024 and affects the affected Windows kernel streaming component.
A local attacker with low privileges can exploit the issue without user interaction to obtain elevated rights, resulting in full compromise of confidentiality, integrity, and availability on the target system.
Microsoft has published official guidance and patches for the vulnerability at the Microsoft Security Response Center advisory page. The current EPSS score stands at 0.3278 with a recorded peak of 0.3452, indicating moderate but stable exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-37750
Vulnerability details
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.