CVE-2024-26169

CVE-2024-26169 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 13, 2024, with confirmed use in ransomware campaigns. EIP tracks 1 public exploit from researchers including kautilyagupt.

AI-analyzed exploit summary This is a Metasploit module that exploits CVE-2017-11882, a vulnerability in Microsoft Office Word's Equation Editor, by generating a malicious RTF file. The exploit uses mshta.exe to execute a payload delivered via an HTA file hosted on a remote server.

Windows Error Reporting Service Elevation of Privilege Vulnerability