Vulnerability Report

CVE-2024-49138

CISA KEV Active

Title: Microsoft Windows 10 22H2 Memory Corruption

Memory Corruption

Proof Of Concept

PoC Available for CVE-2024-49138

CWE Category CWE-122
Published Date Dec 12, 2024
Modified Date Oct 28, 2025
Exploit Status Available
Score 7.8 CVSS v3.1
Exploit Probability (EPSS)
25.41%

Vulnerability Summary

CVE-2024-49138: Windows Common Log File System Driver Elevation of Privilege Vulnerability

Impacted Vendors

M
microsoft 15

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138 https://packetstorm.news/files/id/190585/ https://www.exploit-db.com/exploits/52270 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-49138
CVSS v3.1
Source Entity [email protected]
Severity HIGH
7.8
Attack Vector
LOCAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2024-49138 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/MrAle98/CVE-2024-49138-POC
View Code
GitHub https://github.com/1rhino2/SCRAPPED
View Code
GitHub https://github.com/bananoname/CVE-2024-49138-POC
View Code
Exploit-DB https://www.exploit-db.com/exploits/52270
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector LOCAL
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.