CVE-2024-21338CISA KEV: Actively Exploited

Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability

Published Mar 4, 2024·Updated Mar 4, 2024

Description

Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.

Public Exploits & PoCs9 found

PoC: CVE-2024-21338-x64-build-

Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.

3

PoC: CVE-2024-21338-POC

CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability Zero-day

3

PoC: CVE-2024-21338

Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.

1

PoC: kcfg-bypass

kcfg bypass example - CVE-2024-21338

PoC: CVE-2024-21338

Windows AppLocker Driver (appid.sys) LPE

PoC: CVE-2024-21338-1

PoC for the Untrusted Pointer Dereference in the appid.sys driver

PoC: CVE-2024-21338

PoC for the Untrusted Pointer Dereference in the appid.sys driver

PoC: CVE-2024-21338

Fork of https://github.com/hakaioffsec/CVE-2024-21338

PoC: CVE-2024-21338-POC

CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free