CVE-2024-21338

⚠ KEVEPSS 79.6%

Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability

Added to CISA KEV: 3/4/2024

Description

Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.

Affected packages (0)

No package mapping in OSV.