CVE-2024-38125

Summary

CVE-2024-38125 is a newly disclosed kernel vulnerability affecting the Streaming WOW64 (Winsub) Thunk Service Driver. This issue allows an attacker to elevate their privileges, potentially gaining administrative access to a compromised system. The vulnerability exists due to improper handling of user input in the driver, enabling attackers to execute arbitrary code in the context of the system. Successful exploitation could result in serious consequences, including data theft, system damage, or unauthorized access. System administrators are urged to apply patches as soon as they become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.