- شناسه CVE-2024-49138 :CVE
- CWE122 :CWE
- yes :Advisory
- منتشر شده: 12/10/2024
- به روز شده: 12/20/2024
- امتیاز: 7.8
- نوع حمله: Unknown
- اثر گذاری: Driver Elevation of Privilege Vulnerability
- برند: Microsoft
- محصول: Windows
- وضعیتPublished :CVE
- No :POC
- وضعیت آسیب پذیری: patch شده
چکیده
یک آسیب پذیری بحرانی در ویندوز است. این آسیبپذیری از نوع Privilege Escalation (ارتقاء سطح دسترسی) است و به مهاجمان این امکان را میدهد که با سوءاستفاده از آن، سطح دسترسی خود را از یک کاربر معمولی در سیستم (SYSTEM) افزایش دهند و به امتیاز سیستم دسترسی پیدا کنند. از طریق این آسیب پذیری که در واقع CLFS است بخشی از زیرساخت ویندوز که مربوط به مدیریت و پردازش لاگ فایلها است مورد حمله قرار می گیرد.
لیست محصولات آسیب پذیر
| Product | Platforms | Versions |
| Windows 10 Version 1809 | 32-bit Systems, x64-based Systems | affected from 10.0.17763.0 before 10.0.17763.6659 |
| Windows Server 2019 | x64-based Systems | affected from 10.0.17763.0 before 10.0.17763.6659 |
| Windows Server 2019 (Server Core installation) | x64-based Systems | affected from 10.0.17763.0 before 10.0.17763.6659 |
| Windows Server 2022 | x64-based Systems | affected from 10.0.20348.0 before 10.0.20348.2966 |
| Windows 10 Version 21H2 | 32-bit Systems, ARM64-based Systems, x64-based Systems | affected from 10.0.19043.0 before 10.0.19044.5247 |
| Windows 11 version 22H2 | ARM64-based Systems, x64-based Systems | affected from 10.0.22621.0 before 10.0.22621.4602 |
| Windows 10 Version 22H2 | x64-based Systems, ARM64-based Systems, 32-bit Systems | affected from 10.0.19045.0 before 10.0.19045.5247 |
| Windows Server 2025 (Server Core installation) | x64-based Systems | affected from 10.0.26100.0 before 10.0.26100.2605 |
| Windows 11 version 22H3 | ARM64-based Systems | affected from 10.0.22631.0 before 10.0.22631.4602 |
| Windows 11 Version 23H2 | x64-based Systems | affected from 10.0.22631.0 before 10.0.22631.4602 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | x64-based Systems | affected from 10.0.25398.0 before 10.0.25398.1308 |
| Windows 11 Version 24H2 | ARM64-based Systems, x64-based Systems | affected from 10.0.26100.0 before 10.0.26100.2605 |
| Windows Server 2025 | x64-based Systems | affected from 10.0.26100.0 before 10.0.26100.2605 |
| Windows 10 Version 1507 | 32-bit Systems, x64-based Systems | affected from 10.0.10240.0 before 10.0.10240.20857 |
| Windows 10 Version 1607 | 32-bit Systems, x64-based Systems | affected from 10.0.14393.0 before 10.0.14393.7606 |
| Windows Server 2016 | x64-based Systems | affected from 10.0.14393.0 before 10.0.14393.7606 |
| Windows Server 2016 (Server Core installation) | x64-based Systems | affected from 10.0.14393.0 before 10.0.14393.7606 |
| Windows Server 2008 Service Pack 2 | 32-bit Systems | affected from 6.0.6003.0 before 6.0.6003.23016 |
| Windows Server 2008 Service Pack 2 (Server Core installation) | 32-bit Systems, x64-based Systems | affected from 6.0.6003.0 before 6.0.6003.23016 |
| Windows Server 2008 Service Pack 2 | x64-based Systems | affected from 6.0.6003.0 before 6.0.6003.23016 |
| Windows Server 2008 R2 Service Pack 1 | x64-based Systems | affected from 6.1.7601.0 before 6.1.7601.27467 |
| Windows Server 2008 R2 Service Pack 1 (Server Core installation) | x64-based Systems | affected from 6.1.7601.0 before 6.1.7601.27467 |
| Windows Server 2012 | x64-based Systems | affected from 6.2.9200.0 before 6.2.9200.25222 |
| Windows Server 2012 (Server Core installation) | x64-based Systems | affected from 6.2.9200.0 before 6.2.9200.25222 |
| Windows Server 2012 R2 | x64-based Systems | affected from 6.3.9600.0 before 6.3.9600.22318 |
| Windows Server 2012 R2 (Server Core installation) | x64-based Systems | affected from 6.3.9600.0 before 6.3.9600.22318 |
نوع حمله به صورت محلی بوده و پیچیدگی کمی دارد و همچنین حمله از طریق این آسیب پذیری بدون نیاز به تعامل با کاربر می تواند صورت بگیرد همچنین برای حمله از طریق این آسیب پذیری نیاز به سطح دسترسی کمی در سیستم قربانی می باشد. در حال حاضر هیچ اکسپلویتی به طور عمومی برای این آسیب پذیری وجود ندارد.
لیست بروزرسانی محصولات برای رفع آسیب پذیری موردنظر به شرح زیر است:
| Product | Impact | Max Severity | Build Number |
| Windows 11 Version 22H2 for x64-based Systems |
Elevation of Privilege |
Important | 10.0.22621.4602 |
| Windows 11 Version 22H2 for ARM64-based Systems |
Elevation of Privilege |
Important | 10.0.22621.4602 |
| Windows 10 Version 21H2 for x64-based Systems |
Elevation of Privilege |
Important | 10.0.19044.5247 |
| Windows 10 Version 21H2 for ARM64-based Systems |
Elevation of Privilege |
Important | 10.0.19044.5247 |
| Windows 10 Version 21H2 for ARM64-based Systems |
Elevation of Privilege |
Important | 10.0.19044.5247 |
| Windows Server 2022 (Server Core installation) |
Elevation of Privilege |
Important | 10.0.20348.2966
10.0.20348.2908 |
|
Windows Server 2022 |
Elevation of Privilege |
Important | 10.0.20348.2966
10.0.20348.2908 |
| Windows Server 2012 R2 (Server Core installation) |
Elevation of Privilege |
Important | 6.3.9600.22318 |
| Windows Server 2012 R2 |
Elevation of Privilege |
Important | 6.3.9600.22318 |
| Windows Server 2012 (Server Core installation) |
Elevation of Privilege |
Important | 6.2.9200.25222 |
| Windows Server 2012 |
Elevation of Privilege |
Important |
6.2.9200.25222 |
|
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) |
Elevation of Privilege |
Important | 6.1.7601.27467
6.1.7601.27467 |
|
Windows Server 2008 R2 for x64-based Systems Service Pack 1 |
Elevation of Privilege |
Important | 6.1.7601.27467
6.1.7601.27467 |
|
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) |
Elevation of Privilege |
Important | 6.0.6003.23016
6.0.6003.23016 |
| Windows Server 2008 for x64-based Systems Service Pack 2 |
Elevation of Privilege |
Important | 6.0.6003.23016
6.0.6003.23016 |
|
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) |
Elevation of Privilege |
Important | 6.0.6003.23016
6.0.6003.23016 |
|
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) |
Elevation of Privilege |
Important | 6.0.6003.23016
6.0.6003.23016 |
| Windows Server 2016 (Server Core installation) |
Elevation of Privilege |
Important |
10.0.14393.7606 |
| Windows Server 2016 |
Elevation of Privilege |
Important |
10.0.14393.7606 |
| Windows 10 Version 1607 for x64-based Systems |
Elevation of Privilege |
Important | 10.0.14393.7606 |
| Windows 10 Version 1607 for 32-bit Systems |
Elevation of Privilege |
Important | 10.0.14393.7606 |
|
Windows 10 for x64-based Systems |
Elevation of Privilege |
Important | 10.0.10240.20857 |
| Windows 10 for 32-bit Systems |
Elevation of Privilege |
Important | 10.0.10240.20857 |
| Windows Server 2025 |
Elevation of Privilege |
Important | 10.0.26100.2605
10.0.26100.2528 |
| Windows 11 Version 24H2 for x64-based Systems |
Elevation of Privilege |
Important | 10.0.26100.2605
10.0.26100.2528 |
| Windows 11 Version 24H2 for ARM64-based Systems |
Elevation of Privilege |
Important | 10.0.26100.2605
10.0.26100.2528 |
| Windows Server 2022, 23H2 Edition (Server Core installation) |
Elevation of Privilege |
Important | 10.0.25398.1308 |
| Windows 11 Version 23H2 for x64-based Systems |
Elevation of Privilege |
Important | 10.0.22631.4602 |
| Windows 11 Version 23H2 for ARM64-based Systems | Elevation of Privilege | Important | 10.0.22631.4602 |
| Windows Server 2025 (Server Core installation) | Elevation of Privilege | Important | 10.0.26100.2605
10.0.26100.2528 |
| Windows 10 Version 22H2 for 32-bit Systems | Elevation of Privilege | Important | 10.0.19045.5247 |
|
Windows 10 Version 22H2 for ARM64-based Systems |
Elevation of Privilege | Important | 10.0.19045.5247 |
| Windows 10 Version 22H2 for x64-based Systems | Elevation of Privilege | Important | 10.0.19045.5247 |
|
Windows Server 2019 (Server Core installation) |
Elevation of Privilege | Important | 10.0.17763.6659 |
|
Windows Server 2019 |
Elevation of Privilege | Important | 10.0.17763.6659 |
| Windows 10 Version 1809 for x64-based Systems | Elevation of Privilege | Important | 10.0.17763.6659 |
| Windows 10 Version 1809 for 32-bit Systems | Elevation of Privilege | Important | 10.0.17763.6659 |
توضیحات
این آسیب پذیری در ویندوز به عنوان یک آسیب پذیری بحرانی طبقه بندی شده است. این آسیب پذیری بخش ناشناخته ای از درایور سیستم فایل گزارش مشترک را تحت تأثیر قرار می دهد. ایجاد تغییرات منجر به سرریز مبتنی بر پشته می شود.
احتمال اکسپلویت از این آسیب پذیری در 30 روز آینده 0.04% است.
CVSS
| Score | Severity | Version | Vector String | ||
| 7.8 | HIGH | 3.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | ||
نتیجه گیری
با توجه به این که میزان خطر این آسیب پذیری 7.8 بیان شده و میزان ریسک بالایی را در سیستم ایجاد می کند لذا برای جلوگیری از نفوذ مهاجمان بهتر است همواره از اخرین بروزرسانی های بیان شده استفاده کنید.
