← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-49138 — Actively Exploited: Windows (Microsoft)

Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.

CVE IDCVE-2024-49138
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Date added2024-12-10
Remediation due2024-12-31
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionMicrosoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →