October 24, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Quasar RAT aka CinaRAT – Active IOCs
June 13, 2024
Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
June 13, 2024
Quasar RAT aka CinaRAT – Active IOCs
June 13, 2024
Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
June 13, 2024
Severity
High
Analysis Summary
CVE-2024-30082 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Win32k component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-30084 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kernel-Mode Driver component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-30085 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Cloud Files Mini Filter Driver component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-30086 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Win32 Kernel Subsystem component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-30087 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Win32k component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-30088 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the Kernel component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
Impact
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-30082
- CVE-2024-30084
- CVE-2024-30085
- CVE-2024-30086
- CVE-2024-30087
- CVE-2024-30088
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows Server 2022
- Microsoft Windows Server 2022 23H2
- Microsoft Windows 10 Version 1607 for 32-bit Systems 1607
- Microsoft Windows 10 Version 1607 for x64-based Systems 1607
- Microsoft Windows 10 Version 1809 for 32-bit Systems 1809
- Microsoft Windows 10 Version 1809 for ARM64-based Systems 1809
- Microsoft Windows 10 Version 1809 for x64-based Systems 1809
- Microsoft Windows 10 Version 21H2 for 32-bit Systems 21H2
- Microsoft Windows 10 Version 21H2 for ARM64-based Systems 21H2
- Microsoft Windows 10 Version 21H2 for x64-based Systems 21H2
- Microsoft Windows 10 Version 22H2 for 32-bit Systems 22H2
- Microsoft Windows 10 Version 22H2 for ARM64-based Systems 22H2
- Microsoft Windows 10 Version 22H2 for x64-based Systems 22H2
- Microsoft Windows 11 Version 22H2 for ARM64-based Systems 22H2
- Microsoft Windows 11 Version 22H2 for x64-based Systems 22H2
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems 23H2
- Microsoft Windows 11 Version 23H2 for x64-based Systems 23H2
- Microsoft Windows 11 version 21H2 for ARM64-based Systems 22H2
- Microsoft Windows 11 version 21H2 for x64-based Systems 22H2
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 23H2
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 23H2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 23H2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 23H2
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 23H2
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 23H2
- Microsoft Windows Server 2012 23H2
- Microsoft Windows Server 2012 (Server Core installation) 23H2
- Microsoft Windows Server 2012 R2 23H2
- Microsoft Windows Server 2012 R2 (Server Core installation) 23H2
- Microsoft Windows Server 2016 23H2
- Microsoft Windows Server 2016 (Server Core installation) 23H2
- Microsoft Windows Server 2019 23H2
- Microsoft Windows Server 2019 (Server Core installation) 23H2
- Microsoft Windows Server 2022 (Server Core installation) 23H2
Remediation
Refer to Microsoft Security Advisory for patch, upgrade, or suggested workaround information.