Vulnerability details
Advisory: SB2024081373 - Security features bypass in Microsoft Windows
Vulnerable component: Windows
CVE-ID: CVE-2024-38213
CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C
CWE-ID: CWE-693 - Protection Mechanism Failure
Description:
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass Windows Mark of the Web security feature.
Note, the vulnerability is being actively exploited in the wild.
External links:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38213