Windows AppLocker Driver LPE Vulnerability CVE 2024 21338

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/windows-exploit-research/Windows AppLocker Driver LPE Vulnerability - CVE-2024-21338.md.

Status: integrated Integrated into: CVE-2024-21338

Excerpt

When I initially interviewed candidates for CF’s Windows Researchers position, one of the challenges I gave out was related to CVE-2024-21338. A Windows Kernel Elevation of Privileges, specifically an Untrusted Pointer Dereference vulnerability in the appid.sys driver. The driver is responsible for the AppLocker technolo…