Elevation of Privileges in Windows Error Reporting by Microsoft
CVE-2026-20817

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows 10 Version 21h2
Windows 10 Version 22h2
Windows 11 Version 22h3
Windows 11 Version 23h2
Vendor
CVE Published:
13 January 2026

Badges

πŸ“ˆ Score: 932πŸ‘Ύ Exploit Exists🟑 Public PoC

What is CVE-2026-20817?

CVE-2026-20817 is a vulnerability found in the Windows Error Reporting component developed by Microsoft. This component is responsible for collecting and sending error reports from user systems to Microsoft to facilitate troubleshooting and improve software performance. The vulnerability stems from improper handling of permissions or privileges, which allows an authorized attacker to elevate their access rights on a local machine. If exploited, this could permit malicious users to gain higher-level privileges than intended, potentially compromising system integrity and security. The severity of this vulnerability is particularly concerning for organizations as it could pave the way for more extensive attacks within their networks, leveraging the elevated privileges to manipulate sensitive configurations or data.

Potential impact of CVE-2026-20817

  1. Local Privilege Escalation: The primary risk associated with CVE-2026-20817 is the potential for local privilege escalation. An attacker who gains access to a user account could exploit this vulnerability to elevate their privileges, allowing them to perform unauthorized actions that could undermine system security.

  2. Increased Attack Surface: By enabling unauthorized users to gain higher-level access, this vulnerability can effectively increase the attack surface of an organization. Once an attacker obtains elevated privileges, they could execute malicious code, alter system configurations, or install additional malware, leading to more severe security breaches.

  3. Data Compromise Risks: The exploitation of this vulnerability could lead to the compromise of sensitive data and systems. With enhanced access, attackers could manipulate, exfiltrate, or delete critical information, which could result in significant financial, legal, and reputational damages for organizations affected by the breach.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.6809

Windows 10 Version 22H2 32-bit Systems 10.0.19045.0 < 10.0.19045.6809

Windows 11 version 22H3 ARM64-based Systems 10.0.22631.0 < 10.0.22631.6491

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-20817
Created by oxfemale

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisorypatch

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.