CVE-2024-21338
Windows Kernel Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
Windows Kernel Elevation of Privilege Vulnerability
| Vendor | microsoft |
| Product | windows 10 version 1809 |
| Ecosystems | |
| Industries | TechnologyEnterprise |
| Published | Feb 13, 2024 |
| Last Updated | Oct 21, 2025 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for microsoft windows 10 version 1809
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-21338.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Microsoft / Windows 10 Version 1809
10.0.17763.0 < 10.0.17763.5458
Microsoft / Windows 10 Version 1809
10.0.0 < 10.0.17763.5458
Microsoft / Windows Server 2019
10.0.17763.0 < 10.0.17763.5458
Microsoft / Windows Server 2019 (Server Core installation)
10.0.17763.0 < 10.0.17763.5458
Microsoft / Windows Server 2022
10.0.20348.0 < 10.0.20348.2322
Microsoft / Windows 11 version 21H2
10.0.0 < 10.0.22000.2777
Microsoft / Windows 10 Version 21H2
10.0.19043.0 < 10.0.19044.4046
Microsoft / Windows 11 version 22H2
10.0.22621.0 < 10.0.22621.3155
Microsoft / Windows 10 Version 22H2
10.0.19045.0 < 10.0.19045.4046
Microsoft / Windows 11 version 22H3
10.0.22631.0 < 10.0.22631.3155
Microsoft / Windows 11 Version 23H2
10.0.22631.0 < 10.0.22631.3155
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
10.0.25398.0 < 10.0.25398.709
References
msrc.microsoft.com: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21338 exploit-db.com: https://www.exploit-db.com/exploits/52275 packetstorm.news: https://packetstorm.news/files/id/190586/ decoded.avast.io: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/