CVE-2024-6769
Published: 26 September 2024
Summary
CVE-2024-6769 is a high-severity Untrusted Search Path (CWE-426) vulnerability in Fortra (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, ranked in the top 5.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-6769 is a DLL hijacking vulnerability that arises from drive remapping combined with poisoning of the activation cache. It affects Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022. The flaw is tracked under CWE-426 and CWE-427 and carries a CVSS 4.0 score of 8.4, reflecting high impact on confidentiality, integrity, and availability when exploited locally.
An authenticated attacker who can run code in a medium-integrity process can leverage the issue to escalate to high integrity without triggering a User Account Control prompt. The attack requires local access and does not rely on user interaction or network vectors.
Public references point to a Fortra advisory and an accompanying GitHub repository that contain further technical details. The EPSS score has remained flat at 0.1595 with no material rise since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-47802
Vulnerability details
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a…
more
medium integrity process to a high integrity process without the intervention of a UAC prompt.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.