CVE-2022-24521
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 3, 2026
7 articles
EPSS Score
Source: FIRST.org · 2026-05-24
7.63%
probability
This CVE has a 7.63% probability
of being exploited in the next 30 days.
0%
Top 92.0th percentile of all CVEs
100%
CVSS score unavailable
Neither CIRCL nor NVD returned a CVSS score for this CVE.
View on VulnerabilityLookup ↗
Description
Project ZeroWindows Common Log File System Driver Elevation of Privilege
Attack Intelligence
Google Project Zero
Patched
April 12, 2022
Reported by
National Security Agency, Adam Podlosky and Amir Bazine of Crowdstrike
Root Cause Analysis
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-24521.html
Windows zero-day vulnerability exploited in ransomware attacks
BleepingComputer
Apr 11, 2023
April 2022 Patch Tuesday: Microsoft Releases 145 Vulnerabilities With 10 Critical; Adobe Releases 4 Advisories, 78 Vulnerabilities With 51 Critical.
Qualys
Apr 12, 2022
Security Advisory 2022-026
CERT-EU
Apr 13, 2022
Microsoft April 2022 Patch Tuesday fixes 119 flaws, 2 zero-days
BleepingComputer
Apr 12, 2022
Signal Intelligence
Confidence
82%
EPSS
7.63%
Mentions
7
Last Seen
Apr 11, 2023
CNA Information
Analyst Note
CVE-2022-24521 is confirmed as a legitimate elevation of privilege vulnerability in Windows 10 with a HIGH CVSS score (7.8) and validation from reputable sources including Google Project Zero and CERT-EU security advisory. The vulnerability affects the Common Log File System Driver, a critical component, supporting the confirmed status despite limited public article coverage.
Threat Actors 10
Cobalt
apt_group
Financial crime
🇷🇺 RU
Hacking Team
apt_group
🇮🇹 IT
Group 27
apt_group
Information theft and espionage
🇨🇳 CN
Earth Lamia
apt_group
Information theft and espionage
🇨🇳 CN
RomCom
apt_group
Financial gain
🇷🇺 RU
Roaming Mantis
apt_group
🇯🇵 JP
Rocke
apt_group
🇨🇳 CN
Red Dev 17
apt_group
🇨🇳 CN
Red October
apt_group
🇷🇺 RU
Mana Team
apt_group
🇨🇳 CN
Triage Info
Decided atMar 03, 2026