← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-26169 — Actively Exploited: Windows (Microsoft)

Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.

CVE IDCVE-2024-26169
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Error Reporting Service Improper Privilege Management Vulnerability
Date added2024-06-13
Remediation due2024-07-04
Known ransomware useKnown
Required actionApply updates per vendor instructions or discontinue use of the product if updates are unavailable.
DescriptionMicrosoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →