CVE-2024-37978

Published: Jul 9, 2024Modified: Nov 21, 2024

8.0

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.1 / Impact: 5.9

Source: secure@microsoft.com (Secondary)

Description

Secure Boot Security Feature Bypass Vulnerability

Affected (3)

Products: Microsoft: Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2

3 products

Windows 11 22h2

Windows 11 23h2

Windows Server 2022 23h2

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 11 22h2	Before 10.0.22621.3880
Microsoft Windows 11 23h2	Before 10.0.22631.3880
Microsoft Windows Server 2022 23h2	Before 10.0.25398.1009

Related CWEs

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References (2)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37978

Source: secure@microsoft.com

PatchVendor Advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37978

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.