Cyber Resilience

CVE-2024-26211

Severity: High
Published: 09 April 2024
Modified: 08 January 2025
KEV Added: not listed
Patch: available (see Microsoft's security update guidance)
CVSS v3.1 base score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0681 (91.5th percentile)
Risk Priority: 20 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-26211 is a high-severity heap-based buffer overflow (CWE-122) in the Windows Remote Access Connection Manager (the RasMan service) of Microsoft Windows. It affects supported Windows 10, Windows 11 and Windows Server releases (see Affected Assets below; Windows 10 1507 is only the first entry in that list). Its CVSS v3.1 base score is 7.8 (High).

Operationally, its EPSS score of 0.0681 places it in the top 8.5% of CVEs by estimated exploit likelihood (91.5th percentile); it is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Deeper analysis

CVE-2024-26211 is an elevation of privilege vulnerability in the Windows Remote Access Connection Manager component. It received a CVSS v3.1 base score of 7.8, reflecting a local attack vector (AV:L), low attack complexity (AC:L), low privileges required (PR:L) and no user interaction (UI:N), with high impact to confidentiality, integrity and availability (C:H/I:H/A:H) and unchanged scope (S:U). The weakness is classified as CWE-122 (heap-based buffer overflow).

A local attacker who already possesses a low-privileged account on an affected Windows system can exploit the flaw to obtain full administrative rights on the host. The attack requires no user interaction and can result in complete compromise of the target machine. Because the attack vector is local, exploitation presupposes an existing foothold (for example a phished user session or a compromised low-privileged service account): this is a post-access privilege escalation, not a remote entry point.

Microsoft has published official guidance for the vulnerability at its security update portal, directing administrators to the corresponding security updates and mitigation steps for supported Windows releases. The EPSS score has remained flat at 0.0681 with no material increase since disclosure.

Vulnerability details

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CWE(s)

CWE-122: Heap-based Buffer Overflow

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor      Product                  Affected builds (up to and including)
microsoft   windows 10 1507          10.0.10240.20651
microsoft   windows 10 1607          10.0.14393.6981
microsoft   windows 10 1809          10.0.17763.5820
microsoft   windows 10 21h2          10.0.19044.4412
microsoft   windows 10 22h2          10.0.19045.4412
microsoft   windows 11 21h2          10.0.22000.2899
microsoft   windows 11 22h2          10.0.22621.3593
microsoft   windows 11 23h2          10.0.22631.3593
microsoft   windows server 2012 r2   (no build bound listed)
microsoft   windows server 2016      10.0.14393.6981
+3 more product configurations: see NVD for the full list
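The build bounds above are only useful if they can be checked against a real host, so here is an added example that classifies a Windows build string against the page's table. It is not code from the original page. The table is transcribed from the Affected Assets section; anything above a listed bound is reported as "not in listed range" rather than "patched", because the page does not state which build carries the fix. current_build() reads the standard CurrentVersion registry values and only works on Windows 10 or later; the Server 2012 R2 kernel build (6.3.9600) is general Windows knowledge added here, not something the page states.

```python
"""Classify a Windows build string against this advisory's affected-build table.

Added example, not part of the original page. AFFECTED is transcribed from the
page's Affected Assets section (last affected 10.0.<build>.<UBR> per release).
A UBR above the listed bound is reported as "not_in_listed_range", NOT as
patched: the page does not say which build carries the fix. current_build()
reads the standard CurrentVersion registry values (Windows 10+ only); the
Server 2012 R2 kernel build 6.3.9600 is general Windows knowledge, not on the page.
"""
import sys
from typing import Tuple

# build number -> (release label as written on the page, last affected UBR)
AFFECTED = {
    10240: ("windows 10 1507", 20651),
    14393: ("windows 10 1607 / windows server 2016", 6981),
    17763: ("windows 10 1809", 5820),
    19044: ("windows 10 21h2", 4412),
    19045: ("windows 10 22h2", 4412),
    22000: ("windows 11 21h2", 2899),
    22621: ("windows 11 22h2", 3593),
    22631: ("windows 11 23h2", 3593),
}


def parse_build(build: str) -> Tuple[int, int, int, int]:
    """'10.0.19045.4412' -> (10, 0, 19045, 4412); anything else is rejected."""
    parts = build.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected major.minor.build.ubr, got {build!r}")
    major, minor, bld, ubr = (int(p) for p in parts)
    return major, minor, bld, ubr


def assess(build: str) -> Tuple[str, str]:
    """Classify a build against the page's table. Returns (status, release):

      ("affected", release)             within the listed affected range
      ("not_in_listed_range", release)  same release, UBR above the listed bound
      ("listed_no_bound", release)      Server 2012 R2: listed without a bound
      ("unlisted", "")                  release absent from the table ('+3 more')
    """
    major, minor, bld, ubr = parse_build(build)
    if (major, minor, bld) == (6, 3, 9600):          # Server 2012 R2 (assumed build)
        return "listed_no_bound", "windows server 2012 r2"
    if (major, minor) != (10, 0) or bld not in AFFECTED:
        return "unlisted", ""
    release, last_affected = AFFECTED[bld]
    if ubr <= last_affected:
        return "affected", release
    return "not_in_listed_range", release


def current_build() -> str:
    """Read the running build from HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion.

    Windows 10+ only: CurrentMajorVersionNumber/CurrentMinorVersionNumber do not
    exist on older releases. This lookup is an assumption of where to read from.
    """
    if sys.platform != "win32":
        raise OSError("current_build() needs the Windows registry")
    import winreg
    path = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion"
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path) as key:
        major = winreg.QueryValueEx(key, "CurrentMajorVersionNumber")[0]
        minor = winreg.QueryValueEx(key, "CurrentMinorVersionNumber")[0]
        bld = winreg.QueryValueEx(key, "CurrentBuildNumber")[0]
        ubr = winreg.QueryValueEx(key, "UBR")[0]
    return f"{major}.{minor}.{bld}.{ubr}"


if __name__ == "__main__":
    # Constructed sample inputs; on a Windows host use assess(current_build()).
    for sample in ("10.0.19045.4412", "10.0.19045.4474", "10.0.22631.3593", "6.3.9600.19000"):
        print(sample, "->", assess(sample))
```

The UBR (update build revision) is the part that distinguishes a patched host from an unpatched one within the same release, so `ver` or `winver` alone, which omit it on some releases, is not enough; the registry read above is what a fleet-inventory script should collect. Feed `assess()` with build strings from a CMDB or EDR export to triage a fleet offline.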

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
