CVE-2024-37978

🗓️ 09 Jul 2024 17:03:01Reported by microsoftType

Secure Boot Security Feature Bypass Vulnerability CVE-2024-3797

Reporter	Title	Published	Views	Family All 17
CNNVD	Microsoft Windows Secure Boot Security Vulnerability	9 Jul 202400:00	–	cnnvd
Cvelist	CVE-2024-37978 Secure Boot Security Feature Bypass Vulnerability	9 Jul 202417:03	–	cvelist
EUVD	EUVD-2024-37018	3 Oct 202520:07	–	euvd
Microsoft KB	July 9, 2024—KB5040438 (OS Build 25398.1009)	10 Sep 202407:00	–	mskb
Microsoft KB	July 9, 2024—KB5040442 (OS Builds 22621.3880 and 22631.3880)	10 Sep 202407:00	–	mskb
Kaspersky	KLA70416 Multiple vulnerabilities in Microsoft Windows	9 Jul 202400:00	–	kaspersky
Microsoft CVE	Secure Boot Security Feature Bypass Vulnerability	9 Jul 202407:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Windows	9 Jul 202418:40	–	ncsc
NVD	CVE-2024-37978	9 Jul 202417:15	–	nvd
OpenVAS	Microsoft Windows Multiple Vulnerabilities (KB5040442, Blast-RADIUS)	10 Jul 202400:00	–	openvas

NVD

Vulners

CNA

Node

microsoft windows_11_22h2Range<10.0.22621.3880

microsoft windows_11_23h2Range<10.0.22631.3880

microsoft windows_server_2022_23h2Range<10.0.25398.1009

[
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H2",
    "platforms": [
      "ARM64-based Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.22621.0",
        "lessThan": "10.0.22621.3880",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H3",
    "platforms": [
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.22631.0",
        "lessThan": "10.0.22631.3880",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 Version 23H2",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.22631.0",
        "lessThan": "10.0.22631.3880",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.25398.0",
        "lessThan": "10.0.25398.1009",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37978

10 Feb 2026 23:34Current

7.8High risk

Vulners AI Score7.8

CVSS 3.18

EPSS0.02348

SSVC

CWE-121