CVE-2024-38080
Published: 09 July 2024
Summary
CVE-2024-38080 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Microsoft Windows 11 21H2. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 5.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).
Deeper analysis
CVE-2024-38080 is an elevation of privilege vulnerability in Windows Hyper-V, carrying a CVSS 3.1 base score of 7.8. The flaw is associated with CWE-190 and was publicly disclosed on 9 July 2024.
A local attacker who already possesses a low-privileged account on an affected Hyper-V host can exploit the issue without user interaction. Successful exploitation grants the attacker full control over the confidentiality, integrity, and availability of the system, effectively allowing a privilege escalation to SYSTEM-level access within the Hyper-V environment.
Microsoft has published guidance and patches through its Security Response Center, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild.
The EPSS score rose from a low baseline to a peak of 0.2197 before settling at the current value of 0.1420, indicating that exploitation interest increased after disclosure and that the vulnerability continues to warrant attention.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-37774
Vulnerability details
Windows Hyper-V Elevation of Privilege Vulnerability
- CWE(s)
- KEV Date Added
- 09 July 2024
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires applying the vendor patch that eliminates the integer-overflow flaw before exploitation can succeed.
Limits the low-privileged local account to the minimum rights needed, reducing the ability to trigger or benefit from the Hyper-V EoP.
Enforces memory-protection mechanisms that can block or contain the memory corruption resulting from the CWE-190 integer overflow.