CVE-2024-38014
Microsoft Windows Installer Improper Privilege Management Vulnerability
CVSS
—
Sin CVSS
EPSS
6.0%
p93
KEV
SÍ
10 sept 2024
Exploit Today
78
0-100
Publicado: — · Última mod.: —
Producto
Microsoft / Windows
Vulnerabilidad
Microsoft Windows Installer Improper Privilege Management Vulnerability
Añadido a KEV
10 sept 2024
Remediar antes de
1 oct 2024
Uso conocido en ransomware
No
Descripción resumida
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014; https://nvd.nist.gov/vuln/detail/CVE-2024-38014