{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24288", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-01-21T21:28:02.968Z", "datePublished": "2026-03-10T17:04:41.617Z", "dateUpdated": "2026-04-14T16:35:40.051Z"}, "containers": {"cna": {"title": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability", "datePublic": "2026-03-10T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.19044.0", "versionEndExcluding": "10.0.19044.7058"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.19045.0", "versionEndExcluding": "10.0.19045.7058"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19044.0", "lessThan": "10.0.19044.7058", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19045.0", "lessThan": "10.0.19045.7058", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE", "cweId": "CWE-122"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:35:40.051Z"}, "references": [{"name": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24288"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T14:26:34.005213Z", "id": "CVE-2026-24288", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:26:40.752Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24288", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T14:26:34.005213Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T14:26:36.940Z"}}], "cna": {"title": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "versions": [{"status": "affected", "version": "10.0.19044.0", "lessThan": "10.0.19044.7058", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "versions": [{"status": "affected", "version": "10.0.19045.0", "lessThan": "10.0.19045.7058", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}], "datePublic": "2026-03-10T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24288", "name": "Windows Mobile Broadband Driver Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.19044.7058", "versionStartIncluding": "10.0.19044.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.19045.7058", "versionStartIncluding": "10.0.19045.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:35:40.051Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24288", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:35:40.051Z", "dateReserved": "2026-01-21T21:28:02.968Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-03-10T17:04:41.617Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "35CA4CA1-5EDE-4612-9C17-9AA167F773B9", "versionEndExcluding": "10.0.19044.7058", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "C18770C8-2B7F-4212-8A4F-1101ABFF4C44", "versionEndExcluding": "10.0.19044.7058", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", "matchCriteriaId": "DD070C42-5A71-4D20-B9BA-766565DFC99B", "versionEndExcluding": "10.0.19044.7058", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "17DCF9E0-A09A-48A3-B281-D22EE76B8062", "versionEndExcluding": "10.0.19045.7058", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "51FF473A-566D-45FB-868D-03F3907E094A", "versionEndExcluding": "10.0.19045.7058", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", "matchCriteriaId": "5FC02001-58B6-4EE4-9552-003F2412ED0C", "versionEndExcluding": "10.0.19045.7058", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Windows Mobile Broadband permite a un atacante no autorizado ejecutar c\u00f3digo con un ataque f\u00edsico."}], "id": "CVE-2026-24288", "lastModified": "2026-03-13T19:16:25.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-03-10T18:18:18.943", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24288"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["32-bit_systems", "arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19044.0,10.0.19044.7058)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 21H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_21h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19045.0,10.0.19045.7058)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 22H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_22h2", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-03-16T23:32:09.558972+00:00", "value": {"mitigation_remediation": ["Download and install the security update from Microsoft (see https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24288).", "If the patch is not yet available, monitor the update schedule and apply as soon as a fix is released."], "summary": {"action": "Apply Patch", "impact": "Code Execution (requires physical access)"}, "threat_synthesis": {"affected_systems": "Microsoft Windows 10 Version\u00a021H2 and Version\u00a022H2 are affected, including all supported CPU architectures listed in the Common Platform Enumeration strings: x86, x64, and arm64.\u00a0Users of these Windows 10 releases should verify whether their devices are running the vulnerable mobile broadband driver.", "description_and_impact": "A heap-based buffer overflow in the Windows Mobile Broadband driver enables an unauthorized attacker with physical access to execute arbitrary code on the target system. The flaw allows the attacker to inject and run code, potentially escalating privileges and compromising confidentiality, integrity, and availability of the affected device. The vulnerability is a classic example of CWE\u2011122, where improper bounds checking leads to uncontrolled memory writes.", "risk_and_exploitability": "The CVSS score of 6.8 indicates a moderate to high severity, but the EPSS score of less than 1% means the probability of exploitation is low. The vulnerability is not listed in CISA\u2019s KEV catalog, suggesting no documented public exploit at this time. The attack requires physical presence, limiting the practical risk to environments where an adversary can gain physical access. Nonetheless, the ability to execute arbitrary code presents a serious threat if the device is compromised."}}}}, "created": "2026-03-11T11:46:41.982941+00:00", "updated": "2026-03-20T14:34:56.451754+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$windows_10_21h2", "microsoft$PRODUCT$windows_10_22h2"]}