Black Basta
Vulnerability details
Advisory: SB20240312312 - Privilege escalation in Microsoft Windows Error Reporting Service
Vulnerable component: Windows
CVE-ID: CVE-2024-26169
CVSSv3 score: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Description:
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in the Windows Error Reporting Service, which leads to security restrictions bypass and privilege escalation.