Known Exploited Vulnerabilities CVE-2024-38080

Windows Hyper-V Elevation of Privilege Vulnerability

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2024-38080	Microsoft Windows Hyper-V Privilege Escalation Vulnerability	exploitation_technique	T1204.002	Malicious File	Comments This zero-day vulnerability presents itself after an adversary has already infiltrated the victim's network and enables the adversary to obtain SYSTEM level privileges via Microsoft Windows Hyper-V product. As of now, details of how the attacker's methods to exploit this vulnerability are undisclosed. References https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-july-2024/ https://thehackernews.com/2024/07/microsofts-july-update-patches-143.html
CVE-2024-38080	Microsoft Windows Hyper-V Privilege Escalation Vulnerability	primary_impact	T1068	Exploitation for Privilege Escalation	Comments This zero-day vulnerability presents itself after an adversary has already infiltrated the victim's network and enables the adversary to obtain SYSTEM level privileges via Microsoft Windows Hyper-V product. As of now, details of how the attacker's methods to exploit this vulnerability are undisclosed. References https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-july-2024/ https://thehackernews.com/2024/07/microsofts-july-update-patches-143.html