Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49072

7.8HIGH

Key Information:

Summary

A vulnerability exists in the Windows Task Scheduler that could allow an attacker to elevate privileges on affected systems. This issue arises when the Windows Task Scheduler improperly handles requests, giving malicious actors the opportunity to execute arbitrary code with elevated permissions. Exploitation of this vulnerability could lead to further compromises within the system's environment, emphasizing the importance of applying security updates to mitigate risks associated with unauthorized access. Users are encouraged to adhere to best practices for maintaining system security and regularly check for updates.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20857

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7606

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.6659

References

EPSS Score

0% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed
.