Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051) – HIGH

2024-11-29

Vulnerability :

This article describes a vulnerability (CVE-2024-30051) in the Windows Desktop Window Manager (DWM) Core Library. It allows attackers to escalate their privileges to the highest level (SYSTEM) on vulnerable systems. This vulnerability was exploited in attacks using QakBot malware.

Vulnerability Details:

Platform: Windows (10 and above), Windows Server (2016 and later)
Version: Not specified
Vulnerability: Heap-based buffer overflow in DWM Core Library
Severity: HIGH (CVSS v3 score: 7.8)
Date: Published: May 14, 2024, Last Modified: November 29, 2024

What Undercode Says:

This vulnerability is serious and has been exploited in the wild. Ensure you have installed the patch released by Microsoft in May 2024 as part of their Patch Tuesday update.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top