Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk – .:: CHASLES CORP. ::.

Patch this Critical Safeguard for Privileged Passwords Authentication Bypass Flaw
CISA Adds Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server Bugs to its KEV Catalog
Clever ‘GitHub Scanner’ Campaign Abusing Repositories to Push Malware
Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs
Microsoft Entra ID’s Administrative Units Weaponized to Gain Stealthy Persistence

Patch this Critical Safeguard for Privileged Passwords Authentication Bypass Flaw
CISA Adds Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server Bugs to its KEV Catalog
Clever ‘GitHub Scanner’ Campaign Abusing Repositories to Push Malware
Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs
Microsoft Entra ID’s Administrative Units Weaponized to Gain Stealthy Persistence

exploit-for-cve-2024-38054-released:-elevation-of-privilege-flaw-in-windows-kernel-streaming-wow-thunk

_ 24 August 2024_ _ 0 Comments

Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk

This vulnerability allows local attackers to escalate privileges to SYSTEM level through a heap-based buffer overflow. With a CVSS score of 7.8, CVE-2024-38054 is a critical flaw patched by Microsoft in July.

4

Author