CVE-2026-20817
HIGHWindows Error Reporting - Privilege Escalation
Title source: llmDescription
Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
Exploits (1)
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
8.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-280
Status
published
Products (18)
microsoft/windows_10_21h2
< 10.0.19044.6809
microsoft/windows_10_22h2
< 10.0.19045.6809
Microsoft/Windows 10 Version 21H2
10.0.19044.0 - 10.0.19044.6809
Microsoft/Windows 10 Version 22H2
10.0.19045.0 - 10.0.19045.6809
microsoft/windows_11_23h2
< 10.0.22631.6491
microsoft/windows_11_24h2
< 10.0.26100.7623
microsoft/windows_11_25h2
< 10.0.26200.7623
Microsoft/Windows 11 version 22H3
10.0.22631.0 - 10.0.22631.6491
Microsoft/Windows 11 Version 23H2
10.0.22631.0 - 10.0.22631.6491
Microsoft/Windows 11 Version 24H2
10.0.26100.0 - 10.0.26100.7623
... and 8 more
Published
Jan 13, 2026
Tracked Since
Feb 18, 2026