CVE-2024-57972: A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows...

Description

A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows remote attackers to cause a Denial of Service via the Device Portal framework.

Classification

CVE ID: CVE-2024-57972

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 2.28% (probability of being exploited)

EPSS Percentile: 83.3% (scored less or equal to compared to others)

EPSS Date: 2025-04-04 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-57972
https://github.com/tania-silva/Hololens

Timeline

2025-03-06 22:40:26 UTC
CVE

A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows...