CVE-2024-26169: Microsoft Windows Error Reporting Service Improper
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability. Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
- CISA KEV-listed (remediation due 2024-07-04)
- used in ransomware campaigns
- EPSS 34.6% (97.1% percentile)