CVE-2024-38217
MEDIUM KEV
Windows 10 1507-22H2 and Windows 11 21H2-24H2 - Mark of the Web Security Feature Bypass
Title source: llm
Exploitation Summary
CVE-2024-38217 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added September 10, 2024.
Description
Windows Mark of the Web Security Feature Bypass Vulnerability
References (3)
Core References
Exploit, Third Party Advisory
https://www.elastic.co/security-labs/dismantling-smart-app-control
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38217
Patch, Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217
Scores
CVSS v3
5.4
EPSS
0.0970
EPSS Percentile
94.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
partial
Details
CISA KEV
2024-09-10
VulnCheck KEV
2024-09-10
InTheWild.io
2024-09-10
ENISA EUVD
EUVD-2024-37184
CWE
CWE-693
Status
published
Products (17)
microsoft/windows_10_1507
< 10.0.10240.20766 (2 CPE variants)
microsoft/windows_10_1607
< 10.0.14393.7336 (2 CPE variants)
microsoft/windows_10_1809
< 10.0.17763.6293 (2 CPE variants)
microsoft/windows_10_21h2
< 10.0.19044.4894
microsoft/windows_10_22h2
< 10.0.19045.4894
microsoft/windows_11_21h2
< 10.0.22000.3197
microsoft/windows_11_22h2
< 10.0.22621.4169
microsoft/windows_11_23h2
< 10.0.22631.4169
microsoft/windows_11_24h2
< 10.0.26100.1742 (2 CPE variants)
microsoft/windows_server_2008
... and 7 more
Published
Sep 10, 2024
KEV Added
Sep 10, 2024
Tracked Since
Feb 18, 2026