| Assigner | microsoft |
| Reserved | 2024-02-14 |
| Published | 2024-04-09 |
| Updated | 2024-06-11 |
Description
Microsoft Install Service Elevation of Privilege Vulnerability
| HIGH: 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Problem types
CWE-59: Improper Link Resolution Before File Access ('Link Following')
Product status
10.0.0 before 10.0.17763.5696
affected
10.0.0 before 10.0.17763.5696
affected
10.0.0 before 10.0.17763.5696
affected
10.0.0 before 10.0.20348.2402
affected
10.0.0 before 10.0.22000.2899
affected
10.0.0 before 10.0.19044.4291
affected
10.0.0 before 10.0.22621.3447
affected
10.0.0 before 10.0.19045.4291
affected
10.0.0 before 10.0.22631.3447
affected
10.0.0 before 10.0.22631.3447
affected
10.0.0 before 10.0.25398.830
affected
10.0.0 before 10.0.10240.20596
affected
10.0.0 before 10.0.14393.6897
affected
10.0.0 before 10.0.14393.6897
affected
10.0.0 before 10.0.14393.6897
affected
6.0.0 before 6.0.6003.22618
affected
6.0.0 before 6.0.6003.22618
affected
6.0.0 before 6.0.6003.22618
affected
6.1.0 before 6.1.7601.27067
affected
6.0.0 before 6.1.7601.27067
affected
6.2.0 before 6.2.9200.24821
affected
6.2.0 before 6.2.9200.24821
affected
6.3.0 before 6.3.9600.21924
affected
6.3.0 before 6.3.9600.21924
affected
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158 (Microsoft Install Service Elevation of Privilege Vulnerability) vendor-advisory
cve.org CVE-2024-26158
nvd.nist.gov CVE-2024-26158
Download JSON
