CVE-2024-30088 · CISA KEV: Actively Exploited

Microsoft Windows Kernel TOCTOU Race Condition Vulnerability

Published Oct 15, 2024·Updated Oct 15, 2024

Description

Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.

Public Exploits & PoCs (10 found)

PoC: collateral-damage

Kernel exploit for Xbox SystemOS using CVE-2024-30088

41

PoC: maldev

Go offensive-security research library — 15+ injection methods, AMSI/ETW/ntdll-unhook evasion, sleep mask, PE ops (sRDI/BOF/CLR hosting), Meterpreter C2, persistence, UAC bypass, CVE-2024-30088 LPE. MITRE ATT&CK mapped.

3

PoC: CVE-2024-30088__Windows-TOCTOU-exploit

This is a modified version of the original CVE-2024-30088 exploit, adapted to work in non-interactive environments (WinRM).

2

PoC: exploits-forsale-collateral-damage

Kernel exploit for Xbox SystemOS using CVE-2024-30088

1

PoC: CVE-2024-30088-Windows-poc

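The vulnerability resides in the NtQueryInformationToken function, specifically in the handling of the AuthzBasepCopyoutInternalSecurityAttributes function. It stems from the kernel's improper management of its locking mechanism when operating on objects, a flaw that could allow a malicious entity to unexpectedly elevate privileges.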

1

PoC: cve-2024-30088-binary

compiled poc binary

PoC: CVE-2024-30088

Windows Kernel Elevation of Privilege (PoC)

PoC: CVE-2024-30088

Windows privilege escalation: Time-of-check Time-of-use (TOCTOU) Race Condition

PoC: CVE-2024-30088

This repository contains a replica (an attempted replica) written in Python for CVE-2024-30088.

PoC: CVE-2024-30088-

🆘 New Windows Kernel Privilege Escalation Vulnerability
