CVE-2022-24483

MEDIUM

Windows Kernel - Information Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-24483. PoCs published by waleedassar.

AI-analyzed exploit summary This PoC demonstrates an information disclosure vulnerability (CVE-2022-24483) in the Windows kernel's `nt!PfpPrivSourceEnum` function, leaking `_EPROCESS` addresses via the `SystemSuperfetchInformation` system call. It uses two methods to retrieve process creation times and XORs them with leaked data to disclose kernel memory addresses.

Description

Windows Kernel Information Disclosure Vulnerability

Exploits (1)

nomisec WORKING POC 14 stars
by waleedassar · poc
https://github.com/waleedassar/CVE-2022-24483

This PoC demonstrates an information disclosure vulnerability (CVE-2022-24483) in the Windows kernel's `nt!PfpPrivSourceEnum` function, leaking `_EPROCESS` addresses via the `SystemSuperfetchInformation` system call. It uses two methods to retrieve process creation times and XORs them with leaked data to disclose kernel memory addresses.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows (kernel)
No auth needed
Prerequisites: Local access to a vulnerable Windows system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 5.5
EPSS 0.0210
EPSS Percentile 79.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

Status published
Products (16)
microsoft/windows_10
microsoft/windows_10 20h2
microsoft/windows_10 21h1
microsoft/windows_10 21h2
microsoft/windows_10 1607
microsoft/windows_10 1809
microsoft/windows_10 1909
microsoft/windows_11 (2 CPE variants)
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 6 more
Published Apr 15, 2022
Tracked Since Feb 18, 2026