CVE-2024-43571

Published: Oct 8, 2024Modified: Oct 16, 2024

7.3

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.3 / Impact: 5.9

Source: NVD

Description

Sudo for Windows Spoofing Vulnerability

Affected (2)

Products: Microsoft: Windows 11 24h2

1 product

Windows 11 24h2

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 11 24h2	Before 10.0.26100.2033
Microsoft Windows 11 24h2	Before 10.0.26100.2033

Related CWEs

Improper Restriction of Communication Channel to Intended Endpoints

The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43571

Source: secure@microsoft.com

PatchVendor Advisory

Timeline

No history available yet.