CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2024-38106

criticalknown exploitedcovered by 1 sourcefirst seen 2024-08-13
Actively exploited. CVE-2024-38106 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2024-08-13) — exploitation has been observed in the wild, and US federal agencies are required to remediate it under BOD 22-01. Treat patching as urgent.
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.

CSIRTS triage

What
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation.
Who is affected
Local attackers on affected Windows systems can exploit this vulnerability.
Urgency
Immediate remediation is necessary as the vulnerability is critical and actively exploited.
Action
Users should update their Windows systems to the latest version to mitigate this risk.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2024-38106

Get an email if CVE-2024-38106 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2024-38106

CVE.org record

CISA KEV catalog

Embed the live status

CVE-2024-38106 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2024-38106 status](https://www.csirts.com/badge/CVE-2024-38106)](https://www.csirts.com/cve/CVE-2024-38106)