Skip to main content

Windows 11 21H2 CVE-2024-21309

HIGH
Integer Underflow (CWE-191)
2024-01-09 secure@microsoft.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 19:34 vuln.today
Patch released
Mar 28, 2026 - 19:34 nvd
Patch available
CVE Published
Jan 09, 2024 - 18:15 nvd
HIGH 7.8

DescriptionCVE.org

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

AnalysisAI

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-191. Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Affected products include: Microsoft Windows 11 21H2, Microsoft Windows 11 22H2, Microsoft Windows 11 23H2, Microsoft Windows Server 2022, Microsoft Windows Server 2022 23H2.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-38545 CRITICAL POC
9.8 Oct 18

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. Rated critical severity (CVSS 9.8), thi

CVE-2023-38146 HIGH POC
8.8 Sep 12

Windows Themes Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely explo

CVE-2021-34527 HIGH POC
8.8 Jul 02

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged fi

CVE-2024-35250 HIGH POC
7.8 Jun 11

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l

CVE-2024-30085 HIGH POC
7.8 Jun 11

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulner

CVE-2024-30038 HIGH POC
7.8 May 14

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity

CVE-2023-36874 HIGH POC
7.8 Jul 11

Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2023-28252 HIGH POC
7.8 Apr 11

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnera

CVE-2021-40449 HIGH POC
7.8 Oct 13

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity

CVE-2022-26904 HIGH POC
7.0 Apr 15

Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

CVE-2023-21554 CRITICAL POC
9.8 Apr 11

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerabi

CVE-2024-29988 HIGH POC
8.8 Apr 09

SmartScreen Prompt Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely

Share

CVE-2024-21309 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy