CVE-2024-21417

HIGH8.8JSON export Create alert

Description

Windows Text Services Framework Elevation of Privilege Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Windows 10 Version 180910.0.17763.0 – 10.0.17763.6054
Microsoft / Windows 10 Version 21H210.0.19043.0 – 10.0.19044.4651
Microsoft / Windows 10 Version 22H210.0.19045.0 – 10.0.19045.4651
Microsoft / Windows 11 version 21H210.0.0 – 10.0.22000.3079
Microsoft / Windows 11 version 22H210.0.22621.0 – 10.0.22621.3880
Microsoft / Windows 11 version 22H310.0.22631.0 – 10.0.22631.3880
Microsoft / Windows 11 version 23H210.0.22631.0 – 10.0.22631.3880
Microsoft / Windows Server 201910.0.17763.0 – 10.0.17763.6054
Microsoft / Windows Server 2019 (Server Core installation)10.0.17763.0 – 10.0.17763.6054
Microsoft / Windows Server 202210.0.20348.0 – 10.0.20348.2582
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)10.0.25398.0 – 10.0.25398.1009

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21417