7.8

CVE-2024-20653

Microsoft Common Log File System Elevation of Privilege Vulnerability

Microsoft Common Log File System Elevation of Privilege Vulnerability
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows 10 1507 HwPlatformx64 Version < 10.0.10240.20402
MicrosoftWindows 10 1507 HwPlatformx86 Version < 10.0.10240.20402
MicrosoftWindows 10 1607 HwPlatformx64 Version < 10.0.14393.6614
MicrosoftWindows 10 1607 HwPlatformx86 Version < 10.0.14393.6614
MicrosoftWindows 10 1809 HwPlatformarm64 Version < 10.0.17763.5329
MicrosoftWindows 10 1809 HwPlatformx64 Version < 10.0.17763.5329
MicrosoftWindows 10 1809 HwPlatformx86 Version < 10.0.17763.5329
MicrosoftWindows 10 21h2 HwPlatformarm64 Version < 10.0.19044.3930
MicrosoftWindows 10 21h2 HwPlatformx64 Version < 10.0.19044.3930
MicrosoftWindows 10 21h2 HwPlatformx86 Version < 10.0.19044.3930
MicrosoftWindows 10 22h2 HwPlatformarm64 Version < 10.0.19045.3930
MicrosoftWindows 10 22h2 HwPlatformx64 Version < 10.0.19045.3930
MicrosoftWindows 10 22h2 HwPlatformx86 Version < 10.0.19045.3930
MicrosoftWindows 11 21h2 HwPlatformarm64 Version < 10.0.22000.2713
MicrosoftWindows 11 21h2 HwPlatformx64 Version < 10.0.22000.2713
MicrosoftWindows 11 22h2 HwPlatformarm64 Version < 10.0.22621.3007
MicrosoftWindows 11 22h2 HwPlatformx64 Version < 10.0.22621.3007
MicrosoftWindows 11 23h2 HwPlatformarm64 Version < 10.0.22631.3007
MicrosoftWindows 11 23h2 HwPlatformx64 Version < 10.0.22631.3007
MicrosoftWindows Server 2008 Version- Updatesp2 HwPlatformx64
MicrosoftWindows Server 2008 Version- Updatesp2 HwPlatformx86
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.92% 0.859
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.