- Description
- Windows Mark of the Web Security Feature Bypass Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_21h2, windows_11_22h2, windows_11_23h2, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
Data from CISA
- Vulnerability name
- Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
- Exploit added on
- Aug 13, 2024
- Exploit action due
- Sep 3, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-693
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
Analysis of a Flaw in Microsoft's Patch for "copy2pwn" (CVE-2024-38213) https://t.co/ZiiKscTJPT https://t.co/Ese2DnQFE7
@0patch
13 Feb 2025
15821 Impressions
21 Retweets
60 Likes
37 Bookmarks
1 Reply
3 Quotes
Zero-day threats like CVE-2024-38213 are evolving. Discover how CimTrak's integrity monitoring can help you detect and defend against these elusive vulnerabilities. Read more to stay informed and prepared. 🔒⬇️ https://t.co/DAXV4pwQza #zerodayattack #CVE2024 #cybersecurity
@cimtrak
5 Jan 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Zero-day threats like CVE-2024-38213 are evolving. Discover how CimTrak's integrity monitoring can help you detect and defend against these elusive vulnerabilities. Read more to stay informed and prepared. 🔒⬇️ https://t.co/PwjiW3nzj4 #zerodayattack #CVE2024 #cybersecurity
@cimtrak
8 Dec 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#OpenDir #WebDav #Malware msc4dfl1ed7eb485ad6ahelixpflanzen[.]de:5515 Final payload is unknown right now. The .HTML file leading there: https://t.co/ux6ZeOd8Nh Seems to exploit CVE-2024-38213. The LNK launches the porderx.vbs which calls onzau.bat which is ??? https://t.co/q
@SecurityAura
7 Dec 2024
1358 Impressions
2 Retweets
12 Likes
2 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7733FD-F870-4578-A567-9900AD6C78E3",
"versionEndExcluding": "10.0.10240.20680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D96DA51E-404E-49AE-B852-56FF8A1CEEA6",
"versionEndExcluding": "10.0.14393.7070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B52F95E-6080-46C6-B4B6-E2B3F3E78456",
"versionEndExcluding": "10.0.17763.5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEAF689-E8DB-4D3C-BC2E-B386BC077BC5",
"versionEndExcluding": "10.0.19044.4529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970F54FC-F4ED-49B9-BE94-96B7212FD149",
"versionEndExcluding": "10.0.19045.4529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84ECD6C0-8C47-4D2F-82B5-4F8C0BBC5FEE",
"versionEndExcluding": "10.0.22000.3019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E80DF17-1F27-474E-B147-9F5B6C494300",
"versionEndExcluding": "10.0.22621.3737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4258468C-56CC-45C0-B510-FC833E942876",
"versionEndExcluding": "10.0.22631.3737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48EA2B6D-D604-4548-88E9-4FE312C8CCA5",
"versionEndExcluding": "6.2.9200.24919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61AAF0-D769-4287-AA5C-EFDAD067E9F1",
"versionEndExcluding": "10.0.14393.7070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F9D974-A968-4CBB-81D8-C73B76DD284A",
"versionEndExcluding": "10.0.17763.5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "498A643B-0180-4AD3-BD7C-5E3CEB0FD112",
"versionEndExcluding": "10.0.20348.2522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA59E2D-57B2-4E8B-937A-3EB51A3AD285",
"versionEndExcluding": "10.0.25398.950",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]