0.001 Low
EPSS
Percentile
47.0%
Microsoft.WindowsDesktop.App.Runtime is vulnerable to Remote Code Execution (RCE). The vulnerability is due to how WPF applications load and render XPS documents which allows a local attacker to upload and execute malicious code on the system.
github.com/dotnet/announcements/issues/261
github.com/dotnet/wpf/issues/7922
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895