CVE-2024-26169
CVSS v3.1
7.8 (High)
EPSS
0.05 % (21th)
Affected Products
14
Advisories
2
NVD Status
Analyzed
Windows Error Reporting Service Elevation of Privilege Vulnerability
Weaknesses
- CWE-269
- Improper Privilege Management
- CWE-NVD-noinfo
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Microsoft Corporation
- Published Date
-
2024-03-12 17:15:56
(6 months ago) - Updated Date
-
2024-06-14 17:36:18
(3 months ago)
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
- Required Action
- Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
- Known to be Used in Ransomware Campaigns
- Known
- Notes
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169; https://nvd.nist.gov/vuln/detail/CVE-2024-26169
- Vendor
- Microsoft
- Product
- Windows
- In CISA Catalog from
-
2024-06-13
(3 months ago) - Due Date
-
2024-07-04
(2 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...