CVE-2024-38127
Published: 13 August 2024
Summary
CVE-2024-38127 is a high-severity Buffer Over-read (CWE-126) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 5.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-38127 is an elevation of privilege vulnerability affecting the Windows Hyper-V component. It carries a CVSS 3.1 base score of 7.8 and is classified under CWE-126 (Buffer Over-read); its CVSS vector indicates a local attack vector with high impact to confidentiality, integrity, and availability when successfully exploited.
An attacker with low privileges on a Windows system that has Hyper-V enabled can leverage the flaw to escalate rights without user interaction. Successful exploitation would allow the attacker to obtain full control over the affected Hyper-V environment, potentially compromising virtual machines and the underlying host.
The official Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38127 provides patch information and mitigation guidance for supported Windows releases.
The vulnerability's EPSS score is 0.1266, with no material change from its recorded peak, indicating moderate but stable exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-37088
Vulnerability details
Windows Hyper-V Elevation of Privilege Vulnerability
- CWE(s): CWE-126 (Buffer Over-read)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.