Home
Description
Windows Error Reporting Service Elevation of Privilege Vulnerability
PUBLISHED Reserved 2024-02-14 | Published 2024-03-12 | Updated 2025-10-21 | Assigner microsoft
HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CISA Known Exploited Vulnerability
Date added 2024-06-13 | Due date 2024-07-04
Known Ransomware Campaign(s)
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Problem types
CWE-269: Improper Privilege Management
Product status
10.0.17763.0 (custom) before 10.0.17763.5576
affected
10.0.0 (custom) before 10.0.17763.5576
affected
10.0.17763.0 (custom) before 10.0.17763.5576
affected
10.0.17763.0 (custom) before 10.0.17763.5576
affected
10.0.20348.0 (custom) before 10.0.20348.2340
affected
10.0.0 (custom) before 10.0.22000.2836
affected
10.0.19043.0 (custom) before 10.0.19044.4170
affected
10.0.22621.0 (custom) before 10.0.22621.3296
affected
10.0.19045.0 (custom) before 10.0.19045.4170
affected
10.0.22631.0 (custom) before 10.0.22631.3296
affected
10.0.22631.0 (custom) before 10.0.22631.3296
affected
10.0.25398.0 (custom) before 10.0.25398.763
affected
10.0.10240.0 (custom) before 10.0.10240.20526
affected
10.0.14393.0 (custom) before 10.0.14393.6796
affected
10.0.14393.0 (custom) before 10.0.14393.6796
affected
10.0.14393.0 (custom) before 10.0.14393.6796
affected
6.3.9600.0 (custom) before 6.3.9600.21871
affected
6.3.9600.0 (custom) before 6.3.9600.21871
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169 (Windows Error Reporting Service Elevation of Privilege Vulnerability) vendor-advisory
cve.org
(CVE-2024-26169)
nvd.nist.gov
(CVE-2024-26169)
Download JSON
