High severity7.3NVD Advisory· Published Dec 16, 2024· Updated Apr 15, 2026

CVE-2024-10972

Description

Velocidex WinPmem versions 4.1 and below suffer from an Improper Input Validation vulnerability whereby an attacker with admin access can trigger a BSOD with a parallel thread changing the memory’s access right under the control of the user-mode application. This is due to verification only being performed at the beginning of the routine allowing the userspace to change page permissions half way through the routine. A valid workaround is a rule to detect unauthorized loading of winpmem outside incident response operations.

Patches

57f829bc00b2

https://github.com/velocidex/winpmemvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/Velocidex/WinPmem/releases/tag/v4.1.dev1nvd

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000