U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog


U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini
December 11, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Common Log File System (CLFS) driver flaw to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Common Log File System (CLFS) driver flaw CVE-2024-49138  (CVSS score: 7.8) to its Known Exploited Vulnerabilities (KEV) catalog.

Microsoft December 2024 Patch Tuesday security updates addressed 71 vulnerabilities including an actively exploited zero-day, tracked as CVE-2024-49138. Microsoft did not disclose information about the attack exploiting this vulnerability.

An attacker can exploit this vulnerability to gain SYSTEM privileges.

Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.” reads the advisory.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix this vulnerability by December 31, 2024.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CISA Known Exploited Vulnerabilities catalog)







Source link