CVE-2024-38125
Published: 13 August 2024
Summary
CVE-2024-38125 is a high-severity Numeric Truncation Error (CWE-197) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 7.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-38125 is an elevation of privilege vulnerability in the Kernel Streaming WOW Thunk Service Driver. It carries a CVSS 3.1 score of 7.8 and is associated with CWE-197. The flaw affects a Windows kernel-mode component responsible for handling streaming operations in a WOW64 environment.
An attacker with local access and low privileges can exploit the issue without user interaction to obtain high impacts on confidentiality, integrity, and availability. The attack vector is local, with low complexity and unchanged scope, allowing the malicious actor to elevate privileges on the affected system.
Microsoft has published guidance for the vulnerability through its Security Response Center at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38125. The current EPSS score of 0.0943, with a recorded peak of 0.1029, indicates moderate but stable exploitation probability since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-37086
Vulnerability details
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.