CVE-2024-49138 is a zero-day exploited in the wild targeting the Windows CLFS driver to gain SYSTEM privileges. Apply the December 2024 Patch Tuesday update immediately. This vulnerability follows a long pattern of CLFS driver exploitation by ransomware operators.
Windows Common Log File System Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →