Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-26153

Summary
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At-14 Apr, 2026 | 16:57
Updated At-30 Apr, 2026 | 14:41
Rejected At-
Credits

Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:microsoft
Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At:14 Apr, 2026 | 16:57
Updated At:30 Apr, 2026 | 14:41
Rejected At:
▼CVE Numbering Authority (CNA)
Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

Affected Products
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10 Version 1809
Platforms
  • 32-bit Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.17763.0 before 10.0.17763.8644 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10 Version 21H2
Platforms
  • 32-bit Systems
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.19044.0 before 10.0.19044.7184 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10 Version 22H2
Platforms
  • 32-bit Systems
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.19045.0 before 10.0.19045.7184 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 version 22H3
Platforms
  • ARM64-based Systems
Versions
Affected
  • From 10.0.22631.0 before 10.0.22631.6936 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 Version 23H2
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.22631.0 before 10.0.22631.6936 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 Version 24H2
Platforms
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.26100.0 before 10.0.26100.8246 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 Version 25H2
Platforms
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.26200.0 before 10.0.26200.8246 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 version 26H1
Platforms
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.28000.0 before 10.0.28000.1836 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows Server 2019
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.17763.0 before 10.0.17763.8644 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows Server 2019 (Server Core installation)
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.17763.0 before 10.0.17763.8644 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows Server 2022
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.20348.0 before 10.0.20348.5020 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows Server 2022, 23H2 Edition (Server Core installation)
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.25398.0 before 10.0.25398.2274 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows Server 2025
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.26100.0 before 10.0.26100.32690 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows Server 2025 (Server Core installation)
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.26100.0 before 10.0.26100.32690 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26153
vendor-advisory
patch
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26153
Resource:
vendor-advisory
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@microsoft.com
Published At:14 Apr, 2026 | 18:16
Updated At:24 Apr, 2026 | 20:03

Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Microsoft Corporation
microsoft
>>windows_10_1809>>Versions before 10.0.17763.8644(exclusive)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_10_1809>>Versions before 10.0.17763.8644(exclusive)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
Microsoft Corporation
microsoft
>>windows_10_21h2>>Versions before 10.0.19044.7184(exclusive)
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*
Microsoft Corporation
microsoft
>>windows_10_21h2>>Versions before 10.0.19044.7184(exclusive)
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_10_21h2>>Versions before 10.0.19044.7184(exclusive)
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*
Microsoft Corporation
microsoft
>>windows_10_22h2>>Versions before 10.0.19045.7184(exclusive)
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*
Microsoft Corporation
microsoft
>>windows_10_22h2>>Versions before 10.0.19045.7184(exclusive)
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_10_22h2>>Versions before 10.0.19045.7184(exclusive)
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*
Microsoft Corporation
microsoft
>>windows_11_23h2>>Versions before 10.0.22631.6936(exclusive)
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*
Microsoft Corporation
microsoft
>>windows_11_23h2>>Versions before 10.0.22631.6936(exclusive)
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_11_24h2>>Versions before 10.0.26100.8246(exclusive)
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
Microsoft Corporation
microsoft
>>windows_11_24h2>>Versions before 10.0.26100.8246(exclusive)
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_11_25h2>>Versions before 10.0.26200.8246(exclusive)
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
Microsoft Corporation
microsoft
>>windows_11_25h2>>Versions before 10.0.26200.8246(exclusive)
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_11_26h1>>Versions before 10.0.28000.1836(exclusive)
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
Microsoft Corporation
microsoft
>>windows_11_26h1>>Versions before 10.0.28000.1836(exclusive)
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*
Microsoft Corporation
microsoft
>>windows_server_2019>>Versions before 10.0.17763.8644(exclusive)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_server_2022>>Versions before 10.0.20348.5020(exclusive)
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_server_2022_23h2>>Versions before 10.0.25398.2274(exclusive)
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_server_2025>>Versions before 10.0.26100.32690(exclusive)
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondarysecure@microsoft.com
CWE ID: CWE-125
Type: Secondary
Source: secure@microsoft.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26153secure@microsoft.com
Vendor Advisory
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26153
Source: secure@microsoft.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3637Records found
CVE-2023-35358
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.01%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-35357
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.01%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-35386
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.45% / 85.27%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 17:08
Updated-01 Jan, 2025 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 1507Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-50152
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.48%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:00
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_11_25h2windows_server_2016Windows Server 2019 (Server Core installation)Windows 11 Version 25H2Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows 10 Version 1607Windows Server 2019Windows Server 2022Windows 10 Version 1507Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-32716
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 71.91%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 17:02
Updated-20 Feb, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Media Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022_23h2windows_10_1607windows_10_21h2windows_server_2008windows_server_2012windows_server_2019windows_11_23h2windows_server_2022windows_10_1809windows_server_2016windows_11_22h2windows_10_22h2Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21322
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.49%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 17:58
Updated-13 Feb, 2026 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PC Manager Elevation of Privilege Vulnerability

Microsoft PC Manager Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-pc_managerMicrosoft PC Manager
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-45469
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-2.2||LOW
EPSS-0.06% / 17.16%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-46869
Matching Score-8
Assigner-Acronis International GmbH
ShareView Details
Matching Score-8
Assigner-Acronis International GmbH
CVSS Score-7.3||HIGH
EPSS-0.06% / 17.20%
||
7 Day CHG-0.00%
Published-31 Aug, 2023 | 19:16
Updated-10 Apr, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575.

Action-Not Available
Vendor-Acronis (Acronis International GmbH)Microsoft Corporation
Product-cyber_protect_home_officewindowsAcronis Cyber Protect Home OfficeAcronis True Image OEMcyber_protect_home_office
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CVE-2022-44671
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.28% / 79.66%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11windows_server_2019windows_10Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 1809Windows Server 2022Windows 11 version 22H2Windows 10 Version 20H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 21H1
CVE-2022-44704
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.33% / 84.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Windows System Monitor (Sysmon) Elevation of Privilege Vulnerability

Microsoft Windows System Monitor (Sysmon) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_sysmonWindows Sysmon
CVE-2022-44675
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-4.06% / 88.57%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Bluetooth Driver Elevation of Privilege Vulnerability

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2012Windows 10 Version 22H2Windows 10 Version 1507Windows 10 Version 1809Windows Server 2022Windows 11 version 22H2Windows Server 2016 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2012 R2 (Server Core installation)Windows 7 Service Pack 1Windows 11 version 21H2Windows Server 2012 R2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows 7Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CVE-2023-26078
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 22.51%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 00:00
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs.

Action-Not Available
Vendor-ateran/aateraMicrosoft Corporation
Product-windowsateran/aagent_package_availability
CVE-2022-44677
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.18% / 78.84%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Projected File System Elevation of Privilege Vulnerability

Windows Projected File System Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11windows_server_2019windows_10Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 1809Windows Server 2022Windows 11 version 22H2Windows 10 Version 20H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 21H1
CVE-2022-4258
Matching Score-8
Assigner-CERT@VDE
ShareView Details
Matching Score-8
Assigner-CERT@VDE
CVSS Score-7.8||HIGH
EPSS-0.07% / 19.89%
||
7 Day CHG~0.00%
Published-16 Jan, 2023 | 09:52
Updated-03 Apr, 2025 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hima: Unquoted path vulnerabilities in HIMA PC based Software

In multiple versions of HIMA PC based Software an unquoted Windows search path vulnerability might allow local users to gain privileges via a malicious .exe file and gain full access to the system.

Action-Not Available
Vendor-himaHIMAMicrosoft Corporation
Product-x-opc_a\+ex-opc_dawindowshopcsx-otsX-OPC DAX-OPC A+E X-OTSHOPCS
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-42972
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.12% / 29.83%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 00:00
Updated-05 Feb, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)

Action-Not Available
Vendor-Microsoft CorporationSchneider Electric SE
Product-windows_server_2016apc_easy_ups_online_monitoring_softwareeasy_ups_online_monitoring_softwarewindows_7windows_11windows_10windows_server_2022windows_server_2019Schneider Electric Easy UPS Online Monitoring SoftwareAPC Easy UPS Online Monitoring Software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-42973
Matching Score-8
Assigner-Schneider Electric
ShareView Details
Matching Score-8
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.12% / 29.83%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 00:00
Updated-05 Feb, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)

Action-Not Available
Vendor-Microsoft CorporationSchneider Electric SE
Product-windows_server_2016apc_easy_ups_online_monitoring_softwareeasy_ups_online_monitoring_softwarewindows_7windows_11windows_10windows_server_2022windows_server_2019Schneider Electric Easy UPS Online Monitoring SoftwareAPC Easy UPS Online Monitoring Software
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-6006
Matching Score-8
Assigner-PaperCut Software Pty Ltd
ShareView Details
Matching Score-8
Assigner-PaperCut Software Pty Ltd
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.62%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 04:04
Updated-08 Jan, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation Vulnerability

This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM Note: This CVE has been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.

Action-Not Available
Vendor-PaperCut Software Pty LtdMicrosoft Corporation
Product-papercut_mfwindowspapercut_ngPaperCut NG, PaperCut MF
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2022-41747
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.13%
||
7 Day CHG~0.00%
Published-10 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsTrend Micro Apex One
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-41975
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.71%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 17:20
Updated-20 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.

Action-Not Available
Vendor-realvncn/aMicrosoft Corporation
Product-windowsvnc_viewervnc_servern/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-41628
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.72%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windows_10_1511windows_10_1809windows_10_1803windows_10_21h1windows_10_21h2windows_10_1709windows_10_1507windows_10_2004nuc_p14e_laptop_elementwindows_10_1903windows_10_1909windows_10_22h2windows_10_20h2windows_10_1703windows_10_1607Intel(R) NUC P14E Laptop Element software for Windows 10
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-41101
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.01% / 77.25%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-02 Jan, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Overlay Filter Elevation of Privilege Vulnerability

Windows Overlay Filter Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 1607Windows 10 Version 1507Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows Server 2016Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows 10 Version 20H2
CVE-2022-41077
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.90% / 75.69%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Fax Compose Form Elevation of Privilege Vulnerability

Windows Fax Compose Form Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2012Windows 10 Version 22H2Windows 10 Version 1507Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2022Windows 11 version 22H2Windows Server 2016 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2012 R2 (Server Core installation)Windows 7 Service Pack 1Windows Server 2008 Service Pack 2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 21H2Windows Server 2012 R2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 8.1Windows Server 2012 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows 7Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CVE-2022-41125
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.70% / 72.17%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-30 Oct, 2025 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-12-09||Apply updates per vendor instructions.
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_21h2windows_10_1507windows_11_22h2windows_server_2012windows_10_21h1windows_10_21h2windows_server_2022windows_10_1607windows_10_22h2windows_10_1809windows_server_2019windows_8.1windows_10_20h2windows_server_2016Windows 11 version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H1Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2012 R2Windows 10 Version 1809Windows 11 version 22H2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-41120
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.93% / 76.19%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-02 Jan, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Windows System Monitor (Sysmon) Elevation of Privilege Vulnerability

Microsoft Windows System Monitor (Sysmon) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_sysmonWindows Sysmon
CVE-2022-41113
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.30% / 87.30%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-02 Jan, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11windows_server_2019windows_10Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows 10 Version 20H2
CVE-2022-41096
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.98% / 76.84%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-02 Jan, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11windows_server_2019windows_10Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows 10 Version 20H2
CVE-2022-41109
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.16% / 78.68%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-02 Jan, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CVE-2022-41073
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.89% / 83.29%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-30 Oct, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-12-09||Apply updates per vendor instructions.
Windows Print Spooler Elevation of Privilege Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2012windows_10_21h2windows_server_2022windows_8.1windows_10_1507windows_11_22h2windows_server_2008windows_10_21h1windows_10_20h2windows_10_1607windows_10_22h2windows_10_1809windows_server_2019windows_11_21h2windows_server_2016Windows 11 version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 7Windows 10 Version 21H1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows 7 Service Pack 1Windows Server 2012 R2Windows 10 Version 1809Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-41054
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.01% / 77.25%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-02 Apr, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 10 Version 22H2Windows Server 2019Windows Server 2016 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2022Windows 11 version 21H2Windows 10 Version 1607
CVE-2022-38777
Matching Score-8
Assigner-Elastic
ShareView Details
Matching Score-8
Assigner-Elastic
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.78%
||
7 Day CHG~0.00%
Published-08 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

Action-Not Available
Vendor-Microsoft CorporationElasticsearch BV
Product-endgameendpoint_securitywindowsElastic Endpoint Security
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-38659
Matching Score-8
Assigner-HCL Software
ShareView Details
Matching Score-8
Assigner-HCL Software
CVSS Score-6||MEDIUM
EPSS-0.02% / 5.74%
||
7 Day CHG~0.00%
Published-17 Dec, 2022 | 18:44
Updated-17 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL BigFix Platform is affected by insecure credential storage

In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.

Action-Not Available
Vendor-Microsoft CorporationHCL Technologies Ltd.
Product-bigfix_platformwindowsBigFix Platform
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2022-38396
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.57% / 68.61%
||
7 Day CHG~0.00%
Published-03 Feb, 2023 | 16:53
Updated-25 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021.

Action-Not Available
Vendor-HP Inc.Microsoft Corporation
Product-windows_10_1507windows_10_1709windows_10_1909windows_10_2004windows_10_20h2windows_10_1703windows_10_1803windows_10_1607windows_10_1809windows_10_1511HP Factory Preinstalled Windows 10 20H2 Images
CVE-2022-37956
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.78% / 73.69%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 00:00
Updated-11 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 7Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2 (Server Core installation)Windows 7 Service Pack 1Windows Server 2012Windows 10 Version 1507Windows Server 2008 Service Pack 2Windows 10 Version 1607Windows Server 2022Windows Server 2019Windows 11 version 21H2Windows 10 Version 20H2Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2016Windows Server 2012 R2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 8.1Windows Server 2016 (Server Core installation)
CVE-2022-37991
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.18% / 78.85%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2022-37989
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-11.02% / 93.47%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2022-38037
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.02% / 86.68%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2022-37988
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.18% / 78.85%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2022-38005
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.46% / 80.93%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 18:42
Updated-11 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Print Spooler Elevation of Privilege Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 7Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2 (Server Core installation)Windows 7 Service Pack 1Windows Server 2012Windows 10 Version 1507Windows Server 2008 Service Pack 2Windows 10 Version 1607Windows Server 2022Windows Server 2019Windows 11 version 21H2Windows 10 Version 20H2Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2016Windows Server 2012 R2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 8.1Windows Server 2016 (Server Core installation)
CVE-2022-37957
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.30% / 87.30%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 18:42
Updated-11 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows 11 version 21H2Windows 10 Version 20H2Windows 10 Version 21H2Windows 10 Version 21H1Windows Server 2016Windows 10 Version 1607Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows Server 2022Windows Server 2019
CVE-2022-38028
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-4.95% / 89.70%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-12 Jan, 2026 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-05-14||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Windows Print Spooler Elevation of Privilege Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_10_21h1windows_10_21h2windows_server_2022windows_10_1607windows_10_1809windows_server_2019windows_rt_8.1windows_8.1windows_10_20h2windows_server_2016Windows Server 2022Windows 11 version 22H2Windows 11 version 21H2Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows 8.1Windows 10 Version 1507Windows Server 2012Windows 10 Version 20H2Windows 10 Version 1607Windows Server 2012 R2 (Server Core installation)Windows Server 2019Windows Server 2016Windows 10 Version 1809Windows 10 Version 21H2Windows Server 2012 (Server Core installation)Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows
CVE-2022-38051
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.42% / 85.21%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2022-38050
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.17% / 87.02%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11windows_server_2019windows_10Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows 10 Version 20H2
CVE-2022-37997
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.55% / 67.92%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2022-38007
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.72% / 72.61%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 18:42
Updated-11 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability

Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_arcazure_guest_configurationAzure Guest ConfigurationAzure ARC
CVE-2022-37964
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.64% / 70.75%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 18:42
Updated-11 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2008Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 7Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows 7 Service Pack 1Windows Server 2008 Service Pack 2
CVE-2022-37994
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.71% / 72.39%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Group Policy Preference Client Elevation of Privilege Vulnerability

Windows Group Policy Preference Client Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)
CVE-2026-3775
Matching Score-8
Assigner-14984358-7092-470d-8f34-ade47a7658a2
ShareView Details
Matching Score-8
Assigner-14984358-7092-470d-8f34-ade47a7658a2
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.04%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 01:40
Updated-14 Apr, 2026 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Foxit PDF Editor/Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writable locations, a local attacker can place a malicious library there and have it loaded with SYSTEM privileges, resulting in local privilege escalation and arbitrary code execution.

Action-Not Available
Vendor-Foxit Software Inc.Foxit Software IncorporatedMicrosoft Corporation
Product-pdf_editorwindowspdf_readerFoxit PDF ReaderFoxit PDF Editor
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-38003
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.84% / 74.81%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Resilient File System Elevation of Privilege

Windows Resilient File System Elevation of Privilege

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows Server 2016Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 20H2
CVE-2022-37995
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.72% / 72.61%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows Server 2016Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 20H2
CVE-2022-37983
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.72% / 72.61%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11windows_server_2019windows_10Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows 10 Version 20H2
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 72
  • 73
  • Next
Details not found