CVE-2024-22830

low-risk

Published 2024-05-01

Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform proper access control when handling system resources. This allows a local attacker to escalate privileges from regular user to System or PPL level.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.3/10 Medium

LOCAL / LOW complexity

References (6)

http://anti-cheat.com

https://intl.anticheatexpert.com/#/tool-center

https://www.defencetech.it/wp-content/uploads/2024/04/Report-CVE-2024-22830.pdf

http://anti-cheat.com

https://intl.anticheatexpert.com/#/tool-center

https://www.defencetech.it/wp-content/uploads/2024/04/Report-CVE-2024-22830.pdf

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal