CVE-2024-26169
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability
CVSS
—
Sin CVSS
EPSS
4.0%
p89
KEV
SÍ
13 jun 2024
Exploit Today
77
0-100
Publicado: — · Última mod.: —
Producto
Microsoft / Windows
Vulnerabilidad
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability
Añadido a KEV
13 jun 2024
Remediar antes de
4 jul 2024
Uso conocido en ransomware
Sí
Descripción resumida
Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Acción requerida
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Notas
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169; https://nvd.nist.gov/vuln/detail/CVE-2024-26169