Security researcher MrAle_98 recently published a proof-of-concept (PoC) exploit for a zero-day vulnerability, CVE-2024-49138. This flaw, which affects the Windows Common Log File System (CLFS) Driver, carries a CVSS score of 7.8 and allows attackers to gain SYSTEM privileges on affected devices.

‍