CVE-2024-43636

HIGH

Win32k - Privilege Escalation

Title source: llm

Win32k Elevation of Privilege Vulnerability

CVSS v3 7.8

EPSS 0.0030

EPSS Percentile 53.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

CWE

CWE-822

Status published

Products (15)

microsoft/windows_10_1507 < 10.0.10240.20826 (2 CPE variants)

microsoft/windows_10_1607 < 10.0.14393.7515 (2 CPE variants)

microsoft/windows_10_1809 < 10.0.17763.6532 (2 CPE variants)

microsoft/windows_10_21h2 < 10.0.19044.5131 (3 CPE variants)

microsoft/windows_10_22h2 < 10.0.19045.5131 (3 CPE variants)

microsoft/windows_11_22h2 < 10.0.22621.4460 (2 CPE variants)

microsoft/windows_11_23h2 < 10.0.22631.4460 (2 CPE variants)

microsoft/windows_11_24h2 < 10.0.26100.2314 (2 CPE variants)

microsoft/windows_server_2012

microsoft/windows_server_2012 r2

... and 5 more

Published Nov 12, 2024

Tracked Since Feb 18, 2026