CVE-2024-21338

Vulnerability updated 7 months ago (2024-02-16T09:56:49.962Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-21338 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Microsoft

Avast

Vulnerability

Exploit

CISA

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
Fudmodule	Unspecified	3	FudModule is a sophisticated malware associated with North Korea-linked cyberespionage groups, Lazarus (also known as Citrine Sleet, AppleJeus, Labyrinth Chollima, UNC4736, and Hidden Cobra) and Diamond Sleet. This data-only rootkit executes entirely from user space, employing direct kernel object m

Source Document References

Information about the CVE-2024-21338 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	20 days ago	Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT
Securityaffairs	a month ago	Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION
CERT-EU	6 months ago	Lazarus APT exploited zero-day in Windows driver to gain kernel privileges
CERT-EU	6 months ago	Microsoft is Under Attack by Russian Hackers \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	6 months ago	March 2024 Patch Tuesday: Significant Vulnerabilities
CERT-EU	6 months ago	March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
CERT-EU	6 months ago	March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V - Help Net Security
CERT-EU	6 months ago	Windows admin-to-kernel exploit went unpatched for 6 months
CERT-EU	6 months ago	Microsoft left a kernel-level, zero-day bug in Windows for six months before patching it
Securityaffairs	6 months ago	CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG
CERT-EU	6 months ago	CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG
CISA	6 months ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA
CERT-EU	6 months ago	Weekly Vulnerability Recap 3/4/24: Ivanti, Ubiquiti, AppLocker
CERT-EU	6 months ago	CISA Adds One Known Exploited Vulnerability to Catalog
CERT-EU	6 months ago	Cyber Security Week in Review: March 1, 2024
CERT-EU	6 months ago	North Korean Lazarus hackers abused recent Windows zero-day to obtain kernel-level access
CERT-EU	6 months ago	Windows Kernel bug fixed last month exploited as zero-day since August
CERT-EU	6 months ago	Lazarus Group observed exploiting an admin-to-kernel Windows zero-day
CERT-EU	6 months ago	North Korean hackers exploit Windows zero-day flaw \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	6 months ago	Lazarus hackers exploited Windows zero-day to gain Kernel privileges