CVE-2024-30088
Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
CVSS
—
No CVSS
EPSS
68.2%
p99
KEV
YES
Oct 15, 2024
Exploit Today
80
0-100
Published: — · Last modified: —
68.2%EPSS · 30 days68.2%
2026-06-302026-07-16
Product
Microsoft / Windows
Vulnerability
Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
Added to KEV
Oct 15, 2024
Remediate by
Nov 5, 2024
Known ransomware use
Yes
Summary description
Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-30088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-30088
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-38080—93.5%
KEV—78Microsoft Windows Hyper-V Privilege Escalation Vulnerability—