CVE-2024-21351

unknown KEV

Published 2024-02-13 · Modified 2024-02-13

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.

CISA KEV

Vendor: Microsoft
Product: Windows
Due date: 2024-03-05

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21351; https://nvd.nist.gov/vuln/detail/CVE-2024-21351

Exploits

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21351; https://nvd.nist.gov/vuln/detail/CVE-2024-21351

Verify integrity in audit chain (admin only). AS-IS.