vulnerability
Microsoft Windows: CVE-2024-9157: Synaptics: CVE-2024-9157 Synaptics Service Binaries DLL Loading Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Mar 11, 2025 | Mar 11, 2025 | Oct 14, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Mar 11, 2025
Added
Mar 11, 2025
Modified
Oct 14, 2025
Description
** UNSUPPORTED WHEN ASSIGNED **
A privilege escalation vulnerability in CxUIUSvc64.exe and
CxUIUSvc32.exe of Synaptics audio drivers allows a local authorized
attacker to load a DLL in a privileged process.
Out of an abundance of caution, this CVE ID is being
assigned to better serve our customers and ensure all who are still running
this product understand that the product is End-of-Life and should be removed.
For more information on this, refer to the CVE Record’s reference information.
Solutions
microsoft-windows-windows_10-1507-kb5053618microsoft-windows-windows_10-1607-kb5053594microsoft-windows-windows_10-1809-kb5053596microsoft-windows-windows_10-21h2-kb5053606microsoft-windows-windows_10-22h2-kb5053606microsoft-windows-windows_11-22h2-kb5053602microsoft-windows-windows_11-23h2-kb5053602microsoft-windows-windows_11-24h2-kb5053598microsoft-windows-windows_server_2012-kb5053886microsoft-windows-windows_server_2012_r2-kb5053887microsoft-windows-windows_server_2016-1607-kb5053594microsoft-windows-windows_server_2019-1809-kb5053596microsoft-windows-windows_server_2022-21h2-kb5053603microsoft-windows-windows_server_2022-22h2-kb5053603microsoft-windows-windows_server_2022-23h2-kb5053599microsoft-windows-windows_server_2025-24h2-kb5053598
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.