CVERadar

CVE-2024-38080

Medium Severity
Microsoft
SVRS: 36/100
CVSSv3: 7.8/10
EPSS: 0.16543/1

CVE-2024-38080 is a Windows Hyper-V Elevation of Privilege Vulnerability. This flaw allows an attacker to gain elevated privileges on a system running Hyper-V. The relatively low SOCRadar Vulnerability Risk Score (SVRS) of 36 suggests that, although the vulnerability is present, immediate action may be less crucial than for vulnerabilities with higher scores.

The vulnerability, classified under CWE-190, involves an integer overflow leading to privilege escalation. While the CVSS score is 7.8, indicating high severity, the SVRS indicates the threat might not be as actively exploited or impactful in the broader threat landscape. However, given the active exploits and its presence in the CISA KEV catalog, careful monitoring is crucial. Successful exploitation could allow attackers to bypass security restrictions and gain administrative control over the Hyper-V environment. Organizations using Windows Hyper-V should review vendor advisories and apply necessary patches to mitigate the potential risk associated with this vulnerability despite the lower SVRS.

In The Wild
Exploit Available
CISA KEV
Vendor-advisory
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
2025-03-11

2024-07-09

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
Microsoft Windows Hyper-V Privilege Escalation Vulnerability | https://www.cisa.gov/search?g=CVE-2024-38080 | 2024-07-09
pwndorei/CVE-2024-38080 | https://github.com/pwndorei/CVE-2024-38080 | 2024-09-01

News

Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)
Tenable Security Response Team, 2024-11-13
4 Critical, 82 Important, 1 Moderate, 0
securityboulevard.com
Actively Exploited Microsoft Zero-Days Fixed in July Patch Tuesday - MSSP Alert
2024-07-10
Fixes have been issued by Microsoft for 139 security vulnerabilities impacting its products, including four zero-day flaws, two of which have been actively exploited, as part of this month's Patch Tuesday, reports SC Media. Included in the issues under ongoing abuse is a privilege escalation bug in Windows Hyper-V hypervisor, tracked as CVE-2024-38080, which could be leveraged to infiltrate systems, as well as the mysterious flaw, tracked as CVE-2024-38112, which has been noted by Microsoft to have a "spoofing
google.com
The July 2024 Security Update Review
Dustin Childs, 2024-07-09
We’re just past the halfway point of 2024, and as expected, Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for July 2024. For July, Adobe released three
cve-2024-37977
cve-2024-38051
cve-2024-38015
cve-2024-38054
Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months - Dark Reading
2024-07-10
Threat actors may have been exploiting one of the zero-day bugs that Microsoft patched in its July security update for at least 18 months prior to patch release. Though the vulnerability (CVE-2024-38112) affects the MSHTML (Trident) engine for the now retired Internet Explorer (IE) browser, newer Windows 10 and Windows 11 systems — where Edge is the default browser — are also susceptible to attacks targeting the flaw. Novel Exploit Chain: Haifei Li, a security researcher at Check Point, discovered and reported the flaw to
google.com
Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited - The Hacker News
2024-07-10
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser over the past month. The two security shortcomings that have come under exploitation are below - CVE
google.com
Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits
Maine Basan, 2024-07-15
Threat actors are on the rise again. Discover the recent vulnerabilities, patches, and updates for your systems. The post Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits appeared first on eSecurity Planet. Last week’s vulnerability news highlighted major flaws across industries, urging quick patch response. The majority of incidents involved malicious threat actors exploiting vulnerabilities in
esecurityplanet.com
Weekly Vulnerability Report: Urgent Fixes for Rockwell Automation, Microsoft and Rejetto - The Cyber Express
2024-07-14
Cyble Research & Intelligence Labs (CRIL) analyzed 21 vulnerabilities in its weekly vulnerability report for the second week of July, including high severity flaws in products from Rockwell Automation, Microsoft and Johnson Controls. The report also emphasized critical-severity vulnerabilities in Gogs, Rejetto and OpenSource Geospatial Foundation, which pose a significant threat. A recent study led by Microsoft found that more than 80% of successful cyberattacks could have easily been prevented through timely patches and software updates. And with an estimate that the average computer
google.com

Social Media

A demonstration exploit has been made available for a newly discovered security vulnerability in Windows Hyper-V, identified as CVE-2024-38080. Details: https://t.co/JJFo3WAXvQ #cybersecurity #infosec #infosecurity
Advice for CVE-2024-38080 (cont.) - Temporarily disable Windows Hyper-V if it is not necessary for business operatio... - Disable the Remote Desktop Licensing Service if it is not required, to mitigate ... Get Fletch for updated advice: https://t.co/y14Brx84pP (3/3)
PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080 - https://t.co/mM2w9xkq3O
PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080 Explore the analysis and #PoC exploit for the CVE-2024-38080 vulnerability in #Windows Hyper-V, a serious threat to virtualized environments https://t.co/rMbbYyFcHo
5 - CVE-2024-38080 - Windows Hyper-V - Severity Rating: 7.8 (High)
@DrStephenChan Today's Microsoft outage, impacting services that utilize #CrowdStrike, was due to vulnerabilities in Microsoft's July 2024 Patch Tuesday update. These included two actively exploited zero-day vulnerabilities (CVE-2024-38080 and CVE-2024-38112), which caused worldwide disruptions
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) https://t.co/OKb8eGZcFa https://t.co/DuDBwB976z
Microsoft’s July 2024 Patch Tuesday Addresses 138 CVEs (CVE-2024-38080, CVE-2024-38112) https://t.co/4bOOAr27yE https://t.co/Ns3Y8qWJBd
CISA highlights CVE-2024-38080 and CVE-2024-38112 from Microsoft’s July 2024 Patch Tuesday. These are among 138 fixes for active exploits. Stay informed: https://t.co/nJ7cVkwxOV #CyberSecurity #ZeroDay #CISA #PatchTuesday #TheCyberExpress https://t.co/4mWvaORYI6
Microsoft - CVE-2024-38080 https://t.co/4oya4tCgu6

Affected Software

Configuration 1
Type | Vendor | Product
OS | Microsoft | windows_11_22h2
OS | Microsoft | windows_server_2022
OS | Microsoft | windows_11_21h2
OS | Microsoft | windows_11_23h2
OS | Microsoft | windows_server_2022_23h2

References

Reference | Link
[email protected] | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080
AF854A3A-2127-422B-91AE-364DA2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080
WINDOWS HYPER-V ELEVATION OF PRIVILEGE VULNERABILITY | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080

CWE Details

CWE ID | CWE Name | Description
CWE-190 | Integer Overflow or Wraparound | The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
