CVE-2024-29988CISA KEVEPSS p98.6%

CVE-2024-29988Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability

Microsoft / SmartScreen Prompt

Description

Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.

Scoring

EPSS45.15% probability of exploitation · percentile 98.6% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2024-04-30

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft SmartScreen Prompt Security Feature Bypass Vulnerabilitykev-cve-2024-299880%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
CVE
CVE-2022-44698
CVE
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
CVE
CVE-2022-41091
CVE
Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability
CVE
CVE-2022-41049
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.