Main Vulnerability Database Exploits ID:10626 - Exploit for Untrusted Pointer Dereference in Windows and Windows Server - CVE-2024-30090

ID:10626 - Exploit for Untrusted Pointer Dereference in Windows and Windows Server - CVE-2024-30090

Published: October 22, 2024

Vulnerability identifier: #VU91702

Vulnerability risk: Low

CVE-ID: CVE-2024-30090

CWE-ID: CWE-822

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/Dor00tkit/CVE-2024-30090

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to untrusted pointer dereference in Microsoft Streaming Service. A local user can win a race condition and gain elevated privileges on the system.

Remediation

Install updates from vendor's website.

ID:10626 - Exploit for Untrusted Pointer Dereference in Windows and Windows Server - CVE-2024-30090

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human