CVE-2024-35250 vulnerability in Microsoft Products
Published on June 11, 2024
Known Exploited Vulnerability
This Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.
The following remediation steps are recommended / required by January 6, 2025: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vulnerability Analysis
CVE-2024-35250 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2024-35250 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2024-35250
You can be notified by stack.watch whenever vulnerabilities like CVE-2024-35250 are published in these products:
What versions are vulnerable to CVE-2024-35250?
- Microsoft Windows Server 2012 Version r2
- Microsoft Windows Server 2008 Version r2 sp1
- Microsoft Windows Server 2012 Version -
- Microsoft Windows Server 2008 Version - sp2 x64
- Microsoft Windows Server 2008 Version - sp2 x86
- Microsoft Windows Server 2022 Fixed in Version 10.0.20348.2522
- Microsoft Windows Server 2016 Fixed in Version 10.0.14393.7070
- Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.4529
- Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.4529
- Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7070
- Microsoft Windows 10 1507 Fixed in Version 10.0.10240.20680
- Microsoft Windows 11 23h2 Fixed in Version 10.0.22631.3737
- Microsoft Windows Server 2022 23h2 Fixed in Version 10.0.25398.950
- Microsoft Windows 11 21h2 Fixed in Version 10.0.22000.3019
- Microsoft Windows 11 22h2 Fixed in Version 10.0.22621.3737
- Microsoft Windows Server 2019 Fixed in Version 10.0.17763.5936
- Microsoft Windows 10 1809 Fixed in Version 10.0.17763.5936