Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
CVE-2024-43631: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43631
Summary
A security weakness in Windows Secure Kernel mode could allow an attacker to gain unauthorized access to sensitive system settings. This could potentially lead to malicious activities such as data theft or system compromise. Users should update their Windows systems to the latest security patches as soon as possible to mitigate this risk.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| microsoft | windows_10_21h2 |
< 10.0.19044.5131 cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_10_22h2 |
< 10.0.19045.5131 cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_11_22h2 |
< 10.0.22621.4460 cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_11_23h2 |
< 10.0.22631.4460 cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_11_24h2 |
< 10.0.26100.2314 cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_server_2022 |
< 10.0.20348.2849 cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022_23h2 |
< 10.0.25398.1251 cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2025 |
< 10.0.26100.2314 cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* |
Original title
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Original description
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
nvd CVSS3.1
7.8
Vulnerability type
CWE-822
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43631 Patch Vendor Advisory
Published: 12 Nov 2024 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026