CVE-2026-20817 Windows Error Reporting Service Elevation of Privilege Vulnerability

...

CVE-2025-55694 Windows Error Reporting Service Elevation of Privilege Vulnerability

...

CVE-2025-55692 Windows Error Reporting Service Elevation of Privilege Vulnerability

...

(0Day) Microsoft Windows Error Reporting Service Missing Authorization Arbitrary Process Termination Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

A week in security (June 17 – June 23)

Last week on Malwarebytes Labs: Microsoft Recall delayed after privacy and security concerns Almost everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13 43% of couples experience pressure to share logins and locations,...

CVE-2024-26169

CVE-2024-26169 is a Windows Error Reporting Service Elevation of Privilege vulnerability (improper privilege management) that allows a local attacker with user permissions to gain SYSTEM privileges. Public exploits exist; the vulnerability has been added to CISA’s Known Exploited Vulnerabilities ...

PT-2024-2247

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to March 2024 Patch Tuesday Windows Server 2019 10.0.17763.2300 Description: A vulnerability exists in the Windows Error Reporting Service that allows attackers to gain SYSTEM-level privileges. The...

CVE-2023-36721

Windows Error Reporting Service Elevation of Privilege Vulnerability...

CVE-2023-36874

CVE-2023-36874 is a Windows Error Reporting Service privilege-escalation vulnerability. The root cause described in the sources is a filesystem/relative-path handling flaw: WER may invoke wermgr.exe using a relative path and does not validate symbolic links, allowing a non-system executable to be...

Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability

Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation...

PT-2023-2462 · Microsoft · Windows Error Reporting Service +1

Name of the Vulnerable Software and Affected Versions: Windows Error Reporting Service affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Error Reporting Service, which can be exploited to elevate privileges. This allows an attacke...

CVE-2023-21558

Windows Error Reporting Service Elevation of Privilege Vulnerability...

KLA20158 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of...

CVE-2023-21558

Technical details about CVE-2023-21558 (affected product, version, exploitability, or remediation) are not provided in the supplied documents. Monitor for updates from official advisories.

PT-2023-1259 · Microsoft · Windows Error Reporting Service +1

Name of the Vulnerable Software and Affected Versions: Windows Error Reporting Service affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Error Reporting Service, which can be exploited to elevate privileges. This allows an attacke...

CVE-2022-35795

Technical details for CVE-2022-35795 are not provided in the connected documents; the materials here do not reveal affected products, root cause, or remediation. Monitor for updates from official sources.

CVE-2022-35795 Windows Error Reporting Service Elevation of Privilege Vulnerability

...

KLA12602 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of...

Partner Perspectives: Insight on Turla PNG Dropper

Editor's Note: This blog originally appeared on NCC Group's website. This is a short blog post on the PNG Dropper malware that has been developed and used by the Turla Group 1. The PNG Dropper was first discovered back in August 2017 by Carbon Black researchers. Back in 2017 it was being used to...