{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T16:55:25.012","vulnerabilities":[{"cve":{"id":"CVE-2024-49138","sourceIdentifier":"secure@microsoft.com","published":"2024-12-12T02:04:40.307","lastModified":"2025-10-28T14:15:02.983","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Windows Common Log File System Driver Elevation of Privilege Vulnerability"},{"lang":"es","value":" Vulnerabilidad de elevaciĆ³n de privilegios en Windows Common Log File System Driver"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"cisaExploitAdd":"2024-12-10","cisaActionDue":"2024-12-31","cisaRequiredAction":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability","weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.10240.20857","matchCriteriaId":"10F567C3-3739-4F3D-B9E0-D2725D09CE0D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.10240.20857","matchCriteriaId":"04D1F48B-C323-4062-B5E1-9700ADBB153C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.7606","matchCriteriaId":"29B44B5E-3D35-4A5B-A916-6E70923FAB7C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.7606","matchCriteriaId":"77EAFFB9-3053-4197-B52D-69F4F86C8FBA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.6659","matchCriteriaId":"5FA7C375-3A7C-4F34-B6E7-82C187B4F7AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.6659","matchCriteriaId":"576F141F-C874-4817-961A-2C4D2AB3DEA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.5247","matchCriteriaId":"2BD1D819-7D27-4181-9672-0F1DC6F15BA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.5247","matchCriteriaId":"6DF22110-AA81-4D46-BE27-A3F70112AD44"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.5247","matchCriteriaId":"A374923B-799C-4057-9C77-DE03A20FF4FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.5247","matchCriteriaId":"979EA48D-ED87-4852-B436-D730A9130BA9"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.5247","matchCriteriaId":"1FA81A8A-13B7-4180-8F8E-9079F6C82353"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.5247","matchCriteriaId":"9ACEFC50-0F9A-45DF-9002-B823DAE1FE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22621.4602","matchCriteriaId":"C928D5FD-9F91-4BC7-A151-76B72F9539B3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22621.4602","matchCriteriaId":"943E002C-645E-4AA0-B15A-621B79DF97A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.4602","matchCriteriaId":"ED3FE198-9DED-4108-AFAC-3BBF93AC7779"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.4602","matchCriteriaId":"3B0A1BFF-C699-4863-AAEC-0F304BB3255C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.2605","matchCriteriaId":"8F34994C-CF51-49A4-8985-9B0C6EF1C3A2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.2605","matchCriteriaId":"40E04CC5-22CA-4D16-9B1F-695277A5D83E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*","matchCriteriaId":"AB425562-C0A0-452E-AABE-F70522F15E1A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:x64:*","matchCriteriaId":"C0DC57FA-88F8-4D5C-94BD-3A8B1FB8C047"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.7606","matchCriteriaId":"361D1B8E-6E56-4B5F-85D1-D47114A10A81"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.6659","matchCriteriaId":"11517523-F822-45BC-B347-C65F00B45202"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.2966","matchCriteriaId":"AECABB2C-DACB-4BBD-8739-DDB00285B0A7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.25398.1308","matchCriteriaId":"37977CFB-B259-49B8-B0C5-85ECB40FE429"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.2605","matchCriteriaId":"E013EA3C-6F18-4CA4-AF5B-664F869B9A6D"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://packetstorm.news/files/id/190585/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/52270","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","VDB Entry"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-49138","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}