Windows Mobile Hotspot Information Disclosure Vulnerability - CVE-2024-26220ID: oval:org.secpod.oval:def:98942 | Date: (C)2024-04-11 (M)2024-04-17 |
Class: VULNERABILITY | Family: windows |
Windows Mobile Hotspot Information Disclosure Vulnerability. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Exploitation of the vulnerability requires a user to first turn on the Mobile Hotspot before the attacker starts the exploitation. An authorized attacker with guest/low privileges must first gain access to the local system, then wait for or trick the user into turning on the Mobile Hotspot feature. Only when the Mobile Hotspot is turned on does the vulnerability become exploitable. Therefore, this attack vector requires both attacker authentication (to access the local system) and user interaction (to turn on the Mobile Hotspot).
Platform: |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows Server |