7
- شناسه CVE-2024-21338 :CVE
- CWE-822 :CWE
- yes :Advisory
- منتشر شده: 02/13/2024
- به روز شده: 12/31/2024
- امتیاز: 7.8
- نوع حمله: Unknown
- اثر گذاری: Elevation of Privilege
- برند: Microsoft
- محصول: Windows
- وضعیتPublished :CVE
- No :POC
- وضعیت آسیب پذیری: patch شده
چکیده
این آسیبپذیری به یکی از عملکردهای ناشناخته در بخش هسته (Kernel) مربوط میشود. ایجاد تغییرات در این بخش منجر به بروز یک ضعف ناشناخته میشود. برای انجام حمله از طریق این آسیب پذیری، دسترسی محلی(Local) لازم است.
توضیحات
این مشکل تحت عنوان CWE-822 شناخته میشود. در این نقص، محصول یک مقدار را از یک منبع غیرقابلاعتماد دریافت میکند، آن را به یک اشارهگر (pointer)تبدیل کرده و سپس به اشارهگر حاصل ارجاع میدهد. این آسیبپذیری بر محرمانگی، یکپارچگی و دسترسپذیری تأثیر میگذارد.
CVSS
| Score | Severity | Version | Vector String |
| 7.8 | HIGH | 3.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
لیست محصولات آسیب پذیر
| Versions | Platforms | Product |
| affected from 10.0.17763.0 before 10.0.17763.5458 | 32-bit Systems, x64-based Systems
|
Windows 10 Version 1809
|
| affected from 10.0.0 before 10.0.17763.5458 | ARM64-based Systems
|
Windows 10 Version 1809
|
| affected from 10.0.17763.0 before 10.0.17763.5458 | x64-based Systems
|
Windows Server 2019
|
| affected from 10.0.17763.0 before 10.0.17763.5458 | x64-based Systems
|
Windows Server 2019 (Server Core installation)
|
| affected from 10.0.20348.0 before 10.0.20348.2322 | x64-based Systems
|
Windows Server 2022
|
| affected from 10.0.0 before 10.0.22000.2777 | x64-based Systems, ARM64-based Systems
|
Windows 11 version 21H2
|
| affected from 10.0.19043.0 before 10.0.19044.4046 | 32-bit Systems, ARM64-based Systems, x64-based Systems
|
Windows 10 Version 21H2
|
| affected from 10.0.22621.0 before 10.0.22621.3155 | ARM64-based Systems, x64-based Systems
|
Windows 11 version 22H2
|
| affected from 10.0.19045.0 before 10.0.19045.4046 | x64-based Systems, ARM64-based Systems, 32-bit Systems
|
Windows 10 Version 22H2
|
| affected from 10.0.22631.0 before 10.0.22631.3155 | ARM64-based Systems
|
Windows 11 version 22H3
|
| affected from 10.0.22631.0 before 10.0.22631.3155 | x64-based Systems
|
Windows 11 Version 23H2
|
| affected from 10.0.25398.0 before 10.0.25398.709 | x64-based Systems
|
Windows Server 2022, 23H2 Edition (Server Core installation)
|
لیست محصولات بروز شده
| Product | Impact | Max Severity | Build Number |
| Windows Server 2022, 23H2 Edition (Server Core installation) | Elevation of Privilege | Important | 10.0.25398.709 |
| Windows 11 Version 23H2 for x64-based Systems | Elevation of Privilege | Important | 10.0.22631.3155 |
| Windows 11 Version 23H2 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.22631.3155 |
| Windows 10 Version 22H2 for 32-bit Systems | Elevation of Privilege | Important | 10.0.19045.4046 |
| Windows 10 Version 22H2 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.19045.4046 |
| Windows 10 Version 22H2 for x64-based Systems | Elevation of Privilege | Important | 10.0.19045.4046 |
| Windows 11 Version 22H2 for x64-based Systems | Elevation of Privilege | Important | 10.0.22621.3155 |
| Windows 11 Version 22H2 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.22621.3155 |
| Windows 10 Version 21H2 for x64-based Systems | Elevation of Privilege | Important | 10.0.19044.4046 |
| Windows 10 Version 21H2 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.19044.4046 |
| Windows 10 Version 21H2 for 32-bit Systems | Elevation of Privilege | Important | 10.0.19044.4046 |
| Windows 11 version 21H2 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.22000.2777 |
| Windows 11 version 21H2 for x64-based Systems | Elevation of Privilege | Important | 10.0.22000.2777 |
| Windows Server 2022 (Server Core installation) | Elevation of Privilege | Important | 10.0.20348.2322 |
| Windows Server 2022 | Elevation of Privilege | Important | 10.0.20348.2322 |
| Windows Server 2019 (Server Core installation) | Elevation of Privilege | Important | 10.0.17763.5458 |
| Windows Server 2019 | Elevation of Privilege | Important | 10.0.17763.5458 |
| Windows 10 Version 1809 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.17763.5458 |
| Windows 10 Version 1809 for x64-based Systems | Elevation of Privilege | Important | 10.0.17763.5458 |
| Windows 10 Version 1809 for 32-bit Systems | Elevation of Privilege | Important | 10.0.17763.5458 |
نتیجه گیری
مهاجمی که این آسیبپذیری را با موفقیت بهرهبرداری کند، میتواند به دسترسیهای سطح سیستم (SYSTEM) دست یابد. برای اکسپلویت این آسیبپذیری، مهاجم ابتدا باید وارد سیستم شود. سپس میتواند یک برنامه دستکاریشده خاصی را اجرا کرد که بتواند از این آسیبپذیری بهرهبرداری کرده و آن را اکسپلویت نماید و از این طریق کنترل سیستم آسیبپذیر را به دست گیرد.
منابع
- https://www.cve.org/CVERecord?id=CVE-2024-21338
- https://www.cvedetails.com/cve/CVE-2024-21338/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338
- https://vulmon.com/vulnerabilitydetails?qid=CVE-2024-21338
- https://vuldb.com/?id.253601
- https://nvd.nist.gov/vuln/detail/cve-2024-21338
- https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/
- https://cwe.mitre.org/data/definitions/822.html
- https://www.exploit-db.com/search?cve=CVE-2024-21338
