← ExploitWatch
HomeExploited Vulnerabilities

CVE-2010-4398 — Actively Exploited: Windows (Microsoft)

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.

CVE IDCVE-2010-4398
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Kernel Stack-Based Buffer Overflow Vulnerability
Date added2022-03-28
Remediation due2022-04-21
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionStack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →