CVE-2024-26199

Опубликовано: 12 мар. 2024

Источник: msrc

CVSS3: 7.8

EPSS Низкий

Описание

Microsoft Office Elevation of Privilege Vulnerability

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 45%

0.00222

Низкий

7.8 High

CVSS3

CVE-2024-26199

CVSS3: 7.8

nvd

почти 2 года назад

Microsoft Office Elevation of Privilege Vulnerability

GHSA-76hf-hrqr-9g56

CVSS3: 7.8

github

почти 2 года назад

Microsoft Office Elevation of Privilege Vulnerability

BDU:2024-02188

CVSS3: 7.8

fstec

около 2 лет назад

Уязвимость исполняемого файла Office Performance Monitor пакета программ Microsoft Office, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 45%

0.00222

Низкий

7.8 High

CVSS3