🖼️ Windows DWM — Elevation of Privilege

CVE-2024-30051 is an elevation of privilege vulnerability in Windows' DWM Core Library (dwmcore.dll). The flaw arises due to a heap-based buffer overflow in the CCommandBuffer::Initialize method, triggered by a miscalculation during memory allocation.

🖥 Affected versions
— Windows 10: 1507, 1607, 1809, 21H2, 22H2
— Windows 11: 21H2, 22H2, 23H2
— Windows Server: 2016, 2019, 2022

🔗 Source:
https://github.com/fortra/CVE-2024-30051

#windows #eop #dwm #research #poc