CVE-2024-26211
Published: 09 April 2024
Summary
CVE-2024-26211 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows 10 1507. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 8.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-26211 is an elevation of privilege vulnerability in the Windows Remote Access Connection Manager component. It received a CVSS v3.1 base score of 7.8 reflecting local attack vector, low complexity, low privileges required, and no user interaction, with high impact to confidentiality, integrity, and availability. The issue is also tagged under CWE-122.
A local attacker who already possesses a low-privileged account on an affected Windows system can exploit the flaw to obtain full administrative rights on the host. The attack requires no user interaction and can result in complete compromise of the target machine.
Microsoft has published official guidance for the vulnerability at its security update portal, directing administrators to the corresponding security updates and mitigation steps for supported Windows releases. The EPSS score has remained flat at 0.0681 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-23487
Vulnerability details
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CWE(s): CWE-122 (Heap-based Buffer Overflow)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.