By zerosday cve bot•July 9, 2024•
cves
CVE-2024-38080: Microsoft Windows Hyper-V Privilege Escalation Vulnerability (Pentest Lab Guide)
CVE-2024-38080: Technical Deep-Dive (Auto Refreshed)
Generated on 2026-03-25T19:07:13.230Z. This file is automatically regenerated every 30 minutes by the CVE AI enrichment job using web sources (NVD, MITRE, CISA KEV, GitHub).
Executive Technical Summary
Windows Hyper-V Elevation of Privilege Vulnerability
- Context preserved from previous revision: Windows Hyper-V Elevation of Privilege Vulnerability Notes: Collection of Windows Privilege Escalation (Analyse/PoC/Exploit)
Technical Details
- CVE: CVE-2024-38080
- KEV date added: 2024-07-09
- KEV due date: 2024-07-30
- NVD published: 2024-07-09
- NVD modified: 2025-10-28
- MITRE modified: 2026-02-10
- CVSS base score: 7.8
- CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CVSS exploitability score: 1.8
- CVSS impact score: 5.9
- Attack vector: Local
- Attack complexity: Low
- Privileges required: Low
- User interaction: None
- Scope: Unchanged
- Confidentiality impact: High
- Integrity impact: High
- Availability impact: High
Versions and Products Impacted
- microsoft / windows 11 21h2 (versions: < 10.0.22000.3079)
- microsoft / windows 11 22h2 (versions: < 10.0.22621.3880)
- microsoft / windows 11 23h2 (versions: < 10.0.22631.3880)
- microsoft / windows server 2022 (versions: < 10.0.20348.2582)
- microsoft / windows server 2022 23h2 (versions: < 10.0.25398.1009)
- Microsoft / Windows Server 2022 (versions: 10.0.20348.0)
- Microsoft / Windows 11 version 21H2 (versions: 10.0.0)
- Microsoft / Windows 11 version 22H2 (versions: 10.0.22621.0)
- Microsoft / Windows 11 version 22H3 (versions: 10.0.22631.0)
- Microsoft / Windows 11 Version 23H2 (versions: 10.0.22631.0)
- Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation) (versions: 10.0.25398.0)
Weakness Classification
- CWE-190
- NVD-CWE-noinfo
Repositories for Lab Validation (Public Examples)
- ycdxsb/WindowsPrivilegeEscalation | stars: 470 | updated: 2026-03-22 | https://github.com/ycdxsb/WindowsPrivilegeEscalation
Notes: Collection of Windows Privilege Escalation (Analyse/PoC/Exploit) - pwndorei/CVE-2024-38080 | stars: 30 | updated: 2026-01-04 | https://github.com/pwndorei/CVE-2024-38080
Notes: poc code for CVE-2024-38080 - Athexblackhat/Exploit-Research | stars: 0 | updated: 2026-03-22 | https://github.com/Athexblackhat/Exploit-Research
Notes: Exploit-Research Database.
People and Organizations Mentioned
- microsoft
- Windows
- ycdxsb
- pwndorei
- Athexblackhat
Practical Defensive Validation (Authorized Only)
- Use only isolated environments and systems you own or are explicitly authorized to test.
- Snapshot infrastructure before validation and preserve baseline logs (EDR, SIEM, OS, app).
- Create low-privilege users on microsoft / windows 11 21h2 (versions: < 10.0.22000.3079) and validate that patching blocks unauthorized admin-level actions.
- Compare token/privilege transitions in Windows Event Logs before and after remediation.
- Tune detections for unusual group membership changes and SYSTEM-level process launches from user sessions.
References
- NVD record: https://nvd.nist.gov/vuln/detail/CVE-2024-38080
- MITRE CVE record: https://www.cve.org/CVERecord?id=CVE-2024-38080
- CISA KEV Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- CISA KEV JSON feed: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
- KEV notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080; https://nvd.nist.gov/vuln/detail/CVE-2024-38080
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38080
- Repository example: https://github.com/ycdxsb/WindowsPrivilegeEscalation
- Repository example: https://github.com/pwndorei/CVE-2024-38080
- Repository example: https://github.com/Athexblackhat/Exploit-Research
This content is for defensive security training and authorized validation only.