Security readout for executives and security teams
Plain-English summary
This flaw lets someone with physical access to an affected Windows system gain higher privileges through the Windows Mobile Broadband Driver. It is not listed as actively exploited in the provided sources, but successful exploitation could fully compromise confidentiality, integrity, and availability on the local device.
Executive priority
Treat this as a standard-priority patching item with higher urgency for physically accessible endpoints. It is not a remote wormable issue, but the potential device impact is high after physical access.
Technical view
CVE-2024-49078 is a Microsoft Windows Mobile Broadband Driver elevation-of-privilege vulnerability. The source bundle maps it to CWE-125 and CWE-190, with CVSS 3.1 score 6.8 and physical attack vector. Microsoft lists an official remediation status for affected Windows 10, Windows 11, and Windows Server builds.
Likely exposure
Exposure is most relevant for affected Windows endpoints or servers where an attacker could gain physical access, especially laptops, mobile workstations, kiosks, shared systems, or devices using mobile broadband hardware.
Exploitation context
The provided data does not support active exploitation. CVSS marks exploit code maturity as unproven, CISA KEV status is false, and the attack vector is physical rather than remote network-based.
Researcher notes
The public bundle provides limited root-cause detail beyond CWE-125 and CWE-190. Avoid assuming reachable interfaces, driver paths, or exploit prerequisites beyond physical access, no privileges, and no user interaction from CVSS.
Mitigation direction
Apply Microsoft’s official update for CVE-2024-49078.
Prioritize physically accessible and mobile-broadband-capable Windows devices.
Review Microsoft MSRC guidance for affected build applicability.
Reduce physical access to unmanaged or shared Windows systems.
Confirm normal Windows patch deployment covers listed server builds.
Validation and detection
Inventory Windows 10, Windows 11, and Windows Server versions listed as affected.
Confirm the Microsoft update for CVE-2024-49078 is installed.
Identify endpoints with mobile broadband drivers or hardware.
Check shared, kiosk, and mobile devices for patch compliance.
Track MSRC for any revised guidance or exploitation status.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-125: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
The CVE wording references privilege impact, so privilege escalation and authorization behavior review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
1CVSS vectors
3Timeline events
1ADP providers
2Source links
SSVC decision data
CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: total
CVSS vector scores
1 official score
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.