CVE-2022-24521

HIGH KEV RANSOMWARE

Windows Common Log File System Driver - Privilege Escalation

Title source: llm

Description

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploits (1)

nomisec WORKING POC
by uname1able · local
https://github.com/uname1able/CVE-2022-24521

References (2)

Scores

CVSS v3 7.8
EPSS 0.0844
EPSS Percentile 92.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-04-13
VulnCheck KEV 2022-04-12
InTheWild.io 2022-04-12
ENISA EUVD EUVD-2022-29401
Ransomware Use Confirmed
CWE
CWE-787
Status published
Products (19)
microsoft/windows_10_1507 < 10.0.10240.19265
microsoft/windows_10_1607 < 10.0.14393.5066
microsoft/windows_10_1809 < 10.0.17763.2803
microsoft/windows_10_1909 < 10.0.18363.2212
microsoft/windows_10_20h2 < 10.0.19042.1645
microsoft/windows_10_21h1 < 10.0.19043.1645
microsoft/windows_10_21h2 < 10.0.19044.1645
microsoft/windows_11_21h2 < 10.0.22000.613
microsoft/windows_7
microsoft/windows_8.1
... and 9 more
Published Apr 15, 2022
KEV Added Apr 13, 2022
Tracked Since Feb 18, 2026