Cyber Resilience

CVE-2024-38125

High

Published: 13 August 2024

Published
13 August 2024
Modified
16 August 2024
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0943 93.0th percentile
Risk Priority 21 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-38125 is a high-severity Numeric Truncation Error (CWE-197) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 7.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-38125 is an elevation of privilege vulnerability in the Kernel Streaming WOW Thunk Service Driver. It carries a CVSS 3.1 score of 7.8 and is associated with CWE-197. The flaw affects a Windows kernel-mode component responsible for handling streaming operations in a WOW64 environment.

An attacker with local access and low privileges can exploit the issue without user interaction to obtain high impacts on confidentiality, integrity, and availability. The attack vector is local, with low complexity and unchanged scope, allowing the malicious actor to elevate privileges on the affected system.

Microsoft has published guidance for the vulnerability through its Security Response Center at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38125. The current EPSS score of 0.0943, with a recorded peak of 0.1029, indicates moderate but stable exploitation probability since disclosure.

EU & UK References

Vulnerability details

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft
windows 10 1507
≤ 10.0.10240.20751
microsoft
windows 10 1607
≤ 10.0.14393.7259
microsoft
windows 10 1809
≤ 10.0.17763.6189
microsoft
windows 10 21h2
≤ 10.0.19044.4780
microsoft
windows 10 22h2
≤ 10.0.19045.4780
microsoft
windows 11 21h2
≤ 10.0.22000.3147
microsoft
windows 11 22h2
≤ 10.0.22621.4037
microsoft
windows 11 23h2
≤ 10.0.22631.4037
microsoft
windows 11 24h2
≤ 10.0.26100.1457
microsoft
windows server 2008
all versions, r2
+5 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References