Lucene search
HistoryJan 09, 2024 - 6:15 p.m.
CVE-2024-20691
windows themes
information disclosure
vulnerability
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.1
Confidence
High
EPSS
0.001
Percentile
17.6%
Windows Themes Information Disclosure Vulnerability
Affected configurations
Node
microsoftwindows_10_1507Range<10.0.10240.20402x64
ORmicrosoftwindows_10_1507Range<10.0.10240.20402x86
ORmicrosoftwindows_10_1607Range<10.0.14393.6614x64
ORmicrosoftwindows_10_1607Range<10.0.14393.6614x86
ORmicrosoftwindows_10_1809Range<10.0.17763.5329
ORmicrosoftwindows_10_21h2Range<10.0.19044.3930
ORmicrosoftwindows_10_22h2Range<10.0.19045.3930
ORmicrosoftwindows_11_21h2Range<10.0.22000.2713arm64
ORmicrosoftwindows_11_21h2Range<10.0.22000.2713x64
ORmicrosoftwindows_11_22h2Range<10.0.22621.3007arm64
ORmicrosoftwindows_11_22h2Range<10.0.22621.3007x64
ORmicrosoftwindows_11_23h2Range<10.0.22631.3007arm64
ORmicrosoftwindows_11_23h2Range<10.0.22631.3007x64
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2019Match-
ORmicrosoftwindows_server_2022Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* |
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* |
| microsoft | windows_10_1809 | * | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_22h2 | * | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* |
Related
mscve
mscve
Windows Themes Information Disclosure Vulnerability
2024-01-09 08:00:00
cve
cve
CVE-2024-20691
2024-01-09 18:15:52
prion
prion
Information disclosure
2024-01-09 18:15:00
cvelist
cvelist
CVE-2024-20691 Windows Themes Information Disclosure Vulnerability
2024-01-09 17:56:51
mskb
mskb
January 9, 2024âKB5034169 (Monthly Rollup)
2024-01-09 08:00:00
January 9, 2024âKB5034167 (Security-only update)
2024-01-09 08:00:00
January 9, 2024âKB5034134 (OS Build 10240.20402)
2024-03-22 07:00:00
nessus
nessus
KB5034167: Windows Server 2008 R2 Security Update (January 2024)
2024-01-09 00:00:00
KB5034184: Windows Server 2012 Security Update (January 2024)
2024-01-09 00:00:00
KB5034171: Windows Server 2012 R2 Security Update (January 2024)
2024-01-09 00:00:00
kaspersky
kaspersky
KLA62824 Multiple vulnerabilities in Microsoft Products (ESU)
2024-01-09 00:00:00
KLA62827 Multiple vulnerabilities in Microsoft Windows
2024-01-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5034134)
2024-01-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034119)
2024-01-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034121)
2024-01-10 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2024
2024-01-09 21:23:10
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.1
Confidence
High
EPSS
0.001
Percentile
17.6%
Related for NVD:CVE-2024-20691