- Description
- Windows Themes Spoofing Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Modified
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_21h2, windows_11_22h2, windows_11_23h2, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
- secure@microsoft.com
- CWE-200
- nvd@nist.gov
- NVD-CWE-noinfo
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
5
Top 5 Trending CVEs: 1 - CVE-2025-24132 2 - CVE-2026-20963 3 - CVE-2023-50428 4 - CVE-2026-0023 5 - CVE-2024-21320 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
21 Mar 2026
166 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔎 Análisis forense de la explotación de CVE-2024-21320: abuso de Windows Themes para captura de NTLM, acceso remoto y persistencia Las vulnerabilidades que permiten la filtración de credenciales siguen siendo uno de los vectores más eficaces para comprometer entornos Wind
@HackersCuriosos
20 Mar 2026
2153 Impressions
13 Retweets
38 Likes
25 Bookmarks
1 Reply
0 Quotes
Análisis forense de la explotación de CVE-2024-21320: abuso de Windows Themes para captura de NTLM, acceso remoto y persistencia https://t.co/Mw6shhxrUR #DFIR #DigitalForensics #CyberSecurity #IncidentResponse #WindowsForensics #ThreatHunting #ThreatIntelligence #BlueTeam #SOC
@HackersCuriosos
19 Mar 2026
88 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
⚠️ Another Free CVE Challenge: Windows Theme Spoofing We always try our best to prepare REAL-WORLD cases for you! CVE: CVE-2024-21320 Role: DFIR Difficulty: Hard https://t.co/LDCIrxJHoL
@LetsDefendIO
10 Jan 2025
1773 Impressions
5 Retweets
14 Likes
7 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-21320
@transilienceai
6 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ماکروسافت برای آسیب پذیری با کد شناسایی CVE-2024-21320 پچ لازم را منتشر نمود اما بعد از مدتی مشخص شد که این پچ نیز قابل دور زدن می باشد . برای همین پچ نیز که به نوعی آسیب پذیر بود کد شناسایی جدید CVE-2024-38030 را منتشر نمود و پچ جدید را ارائه کرد. https://t.co/Y2P1U3epiq https:/
@AmirHossein_sec
5 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Windows Themes Zero-Day Alert 🚨 🛠️ Unofficial patch out for a new Windows Themes bug that leaks NTLM credentials just by viewing malicious theme files ⚠️ Mitigate Now: Use 0patch or follow Microsoft’s NTLM blocking guidance (CVE-2024-21320) until an official fix is release
@shaharia_munna
31 Oct 2024
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windowsテーマにおけるゼロデイ脆弱性に対する非公式パッチを0patch社が提供。該当脆弱性はCVE未採番で、CVE-2024-21320を迂回可能なCVE-2024-38030のマイクロパッチを開発中だったACROS Security社が発見したもの。NTLM資格情報が窃取される可能性。 https://t.co/bLDX6xMvLU
@__kokumoto
30 Oct 2024
924 Impressions
9 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F40B0037-2EF9-4172-BD2B-C5D046426DC9",
"versionEndExcluding": "10.0.10240.20402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1642CC8D-1521-46D9-AE2A-7CD9BCE30565",
"versionEndExcluding": "10.0.14393.6614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2C6F0A-4519-43AE-A36D-39F968FF3DCD",
"versionEndExcluding": "10.0.17763.5329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9519C-EC1F-48D1-89F5-2DCBF84C8251",
"versionEndExcluding": "10.0.19044.3930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6C6A0-6A10-4A8B-9DF2-D00CE5F863BD",
"versionEndExcluding": "10.0.19045.3930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "290AE500-245E-4C97-953C-05D679164894",
"versionEndExcluding": "10.0.22000.2713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8145E3A1-AA48-49CD-A391-8BA9F3860316",
"versionEndExcluding": "10.0.22621.3007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D7A1EA-2E86-4600-A7B8-DAA5ACABE8D0",
"versionEndExcluding": "10.0.22631.3007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F92AA0-D568-4DD8-B50E-29F3561F81AB",
"versionEndExcluding": "10.0.14393.6614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51DCD313-6848-46DD-B4C6-DA2A8F6291CD",
"versionEndExcluding": "10.0.17763.5329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13224366-AD63-4CAD-85D1-F9599CFE1B14",
"versionEndExcluding": "10.0.20348.2227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]