Cyber Resilience

CVE-2024-38106

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 13 August 2024

Modified: 28 October 2025
KEV Added: 13 August 2024
Patch
CVSS Score (v3.1): 7.0, vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 0.0075 (73.6th percentile)
Risk Priority: 34 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-38106 is a high-severity Sensitive Data Storage in Improperly Locked Memory (CWE-591) vulnerability in Microsoft Windows 10 1507 (other affected Windows versions are listed under Affected Assets). Its CVSS base score is 7.0 (High).

Operationally, it ranks in the top 26.4% of CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2024-38106 is a Windows Kernel Elevation of Privilege Vulnerability. It carries a CVSS 3.1 base score of 7.0 under the vector AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H and is mapped to CWE-591.

An attacker with local access and low privileges can exploit the flaw, although the high attack complexity limits the likelihood of success; successful exploitation allows elevation of privilege with high impact to confidentiality, integrity, and availability.

Microsoft has published guidance for the issue, and CISA lists the CVE in its Known Exploited Vulnerabilities catalog. The current EPSS score is 0.0075.

EU & UK References

Vulnerability details

Windows Kernel Elevation of Privilege Vulnerability

CWE(s): CWE-591
KEV Date Added: 13 August 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor      Product               Affected builds (up to and including)
microsoft   windows 10 1507       ≤ 10.0.10240.20751
microsoft   windows 10 1607       ≤ 10.0.14393.7259
microsoft   windows 10 1809       ≤ 10.0.17763.6189
microsoft   windows 10 21h2       ≤ 10.0.19044.4780
microsoft   windows 10 22h2       ≤ 10.0.19045.4780
microsoft   windows 11 21h2       ≤ 10.0.22000.3147
microsoft   windows 11 22h2       ≤ 10.0.22621.4037
microsoft   windows 11 23h2       ≤ 10.0.22631.4037
microsoft   windows 11 24h2       ≤ 10.0.26100.1457
microsoft   windows server 2016   ≤ 10.0.14393.7259
+3 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly requires timely installation of the August 2024 security updates that eliminate the kernel EoP flaw before local attackers can exploit it.

prevent: Enforces least-privilege restrictions on local accounts so that even a successful exploit of CVE-2024-38106 yields only the minimal rights originally granted rather than immediate SYSTEM access.

prevent: Requires the kernel to enforce access-control decisions that block unauthorized elevation from low-privileged local sessions to SYSTEM-level rights.

References