AI description
CVE-2024-26230 is an elevation of privilege vulnerability impacting the Windows Telephony Server component across various Microsoft Windows operating systems. This flaw is categorized as a Use After Free (CWE-416) memory corruption issue, which allows a local attacker with low privileges to escalate their access to higher privileges on an affected system. The vulnerability specifically resides within the `FreeDialogInstance` function in `tapisrv.dll`, where improper memory handling can lead to a dangling pointer scenario. Exploitation of CVE-2024-26230 requires an attacker to first gain local access to the target system. Once local access is established, the attacker can trigger specific telephony API calls that prematurely free memory. Subsequently, the attacker can allocate new memory in the same region with malicious content, leading to arbitrary code execution with elevated privileges, potentially reaching SYSTEM-level access.
- Description
- Windows Telephony Server Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_21h2, windows_11_22h2, windows_11_23h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-416
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
#Vulnerability #CVE202426230 PoC Exploit Releases for Windows Elevation of Privilege Vulnerability CVE-2024-26230 https://t.co/NtIAenXwNd
@Komodosec
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
''A trick, the story of CVE-2024-26230'' #infosec #pentest #redteam #blueteam https://t.co/yV5XSkz7wb
@CyberWarship
30 Mar 2026
874 Impressions
1 Retweet
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #CVE-2024-26230: #Windows Telephony Service - It's Got Some Call-ing Issues (Elevation of Privilege) https://t.co/pWT1Zypkkv Educational Purposes!
@UndercodeUpdate
22 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Our experts regularly update Core Impact's certified #exploit library. Get details on the latest additions, including CVE-2024-6769, CVE-2024-36401, CVE-2024-47176, CVE-2024-38054, CVE-2024-26230, CVE-2024-0799, CVE-2024-0800, and more. https://t.co/DziZgG9ccw https://t.co/gveK7y
@CoreSecurity
11 Nov 2024
401 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "E7BDA51E-51E0-487D-A25F-2477213B563E",
"versionEndExcluding": "10.0.10240.20596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "A607FDAE-53FE-49DA-806F-0533F5ECC108",
"versionEndExcluding": "10.0.10240.20596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CA18E04-75AD-4BC1-BCF7-B7C3DD33D9D3",
"versionEndExcluding": "10.0.14393.6897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "8E68CF86-FB36-4E0E-A919-D7010E1D9CEE",
"versionEndExcluding": "10.0.14393.6897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C50F3D5-1329-4563-BB59-9C50E2EEC237",
"versionEndExcluding": "10.0.17763.5696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF",
"versionEndExcluding": "10.0.19044.4291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E",
"versionEndExcluding": "10.0.19045.4291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02",
"versionEndExcluding": "10.0.22000.2899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694",
"versionEndExcluding": "10.0.22621.3447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79409538-C0CE-4051-80C3-383220427D0B",
"versionEndExcluding": "10.0.22631.3447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122",
"versionEndExcluding": "10.0.14393.6897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E",
"versionEndExcluding": "10.0.17763.5696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA",
"versionEndExcluding": "10.0.20348.2402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC",
"versionEndExcluding": "10.0.25398.830",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]