CVE-2024-49138

Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges. Vendor/Product: Microsoft Windows. Added to CISA KEV 2024-12-10; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.