CVE-2024-21310: 
vulnerability analysis and mitigation

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability (CVE-2024-21310) was discovered and disclosed in January 2024. The vulnerability affects various versions of Microsoft Windows, including Windows 10 and Windows 11 systems with long Win32 path support enabled (ZDI Advisory).

The vulnerability exists within the cldflt.sys driver and stems from improper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Microsoft has classified this as a numeric truncation error (CWE-197) (NVD, ZDI Advisory).

If successfully exploited, this vulnerability allows attackers to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute low-privileged code on the target system (ZDI Advisory).

Microsoft has released security updates to address this vulnerability. The fixes are available through various KB updates including KB5034127 for Windows 10 1809, KB5034122 for Windows 10 21H2/22H2, KB5034121 for Windows 11 21H2, and KB5034123 for Windows 11 22H2/23H2 (Rapid7).