CVE-2024-38081
📊 7.3 HIGH⚡ 0.6%🎯 0 exploits
📅 Published Jul 9, 2024
📋 Status: Modified
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
56 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | microsoft | .net framework | 4.6.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2012 | r2 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.8 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* |
💻OS | microsoft | windows 10 1809 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2016 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2019 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
💻OS | microsoft | windows server 2012 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2012 | r2 Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:x64:* |
📱App | microsoft | .net framework | 3.0 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
📱App | microsoft | .net framework | 2.0 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
📱App | microsoft | .net framework | 4.6.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:* |
💻OS | microsoft | windows server 2008 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* |
📱App | microsoft | .net framework | 4.8.1 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 21h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 22h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows 11 23h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2022 23h2 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* |
📱App | microsoft | .net | ≥ 6.0.0 ∧ < 6.0.32 | Vulnerable | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.4 ∧ < 17.4.21 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.6 ∧ < 17.6.17 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | visual studio 2022 | ≥ 17.8 ∧ < 17.8.12 | Vulnerable | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 3.5 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:* |
📱App | microsoft | .net framework | 4.7.2 | Vulnerable | cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x64 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
💻OS | microsoft | windows 10 1607 | All versions Target HW: x86 | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:* |
💻OS | microsoft | windows 10 1809 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2016 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
💻OS | microsoft | windows server 2019 | All versions | Not Vulnerable | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.8
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5.1
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:x64:*
📱
VulnerableApplication
Version: 3.0
CPE:
cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
📱
VulnerableApplication
Version: 2.0
CPE:
cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
📱
VulnerableApplication
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
📱
VulnerableApplication
Version: 4.8.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
Version: ≥ 6.0.0 ∧ < 6.0.32
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.4 ∧ < 17.4.21
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.6 ∧ < 17.6.17
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 17.8 ∧ < 17.8.12
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
💻
SafeOperating System
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
💻
SafeOperating System
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
56 products•scroll for more
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
LOW
User Interaction:
REQUIRED
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
7.3 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.6% (Minimal)68.5th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Jul 9, 2024 (1 year ago)
Last Modified
Nov 21, 2024 (11 months ago)
Security Weaknesses2
CWE-59
References2
NVDpatch