PULSE
LIVE22signals / 24h
FEED
ransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Services
← All CVEs
CVE Watch

CVE-2024-49039

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

CVSS

No CVSS

EPSS

13.7%

p96

KEV

YES

Nov 12, 2024

Exploit Today

79

0-100

Published: · Last modified:

EPSS · 30d
13.7%EPSS · 30 days13.7%
2026-06-302026-07-16
KEV catalog record

Product

Microsoft / Windows

Vulnerability

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

Added to KEV

Nov 12, 2024

Remediate by

Dec 3, 2024

Known ransomware use

Yes

Summary description

Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.

Required action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039 ; https://nvd.nist.gov/vuln/detail/CVE-2024-49039

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-59287
100.0%
KEV80Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
CVE-2021-34527
100.0%
KEV80Microsoft Windows Print Spooler Remote Code Execution Vulnerability
CVE-2022-30190
99.9%
KEV80Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVE-2023-36884
99.9%
KEV80Microsoft Windows Search Remote Code Execution Vulnerability
CVE-2008-4250
99.9%
KEV80Microsoft Windows Buffer Overflow Vulnerability
CVE-2024-21412
99.9%
KEV80Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability