What the vulnerability does
01Description
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28904
HIGH
CVE-2024-28904: Microsoft Brokering File System Elevation of Privilege Vulnerability
CVSS base score
7.8/10
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
April 9, 2024
CVE published
May 3, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-38770 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Privilege Escalation Vulnerability
CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation
CVE-2026-0912 Toret Manager <= 1.2.7 - Authenticated (Subscriber+) Arbitrary Options Update via AJAX actions
CVE-2022-45451
CVE-2025-33188
