CVE-2024-49093

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

CVSS 8.8 HIGHEPSS 0.9%CWE-681

In short

A flaw in Windows ReFS (Resilient File System) allows an attacker with local access to gain higher privileges on the system. This could let them take control of sensitive functions normally restricted to administrators.

Technical detail

CWE-681 vulnerability in Windows ReFS permits local privilege escalation through improper validation of file system operations. An attacker with local user privileges can exploit this to execute code with elevated system rights, compromising system integrity.

Summary generated and translated by AI from the official description.

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected products

Microsoft · Windows 11 Version 24H2 Microsoft · Windows Server 2025 Microsoft · Windows Server 2025 (Server Core installation)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49093