CVE-2024-49039 - Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

CVE ID:CVE-2024-49039

Project:Microsoft

Product:Windows

Date Added:2024-11-12Due Date:2024-12-03

Vulnerability Name

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

Description

Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039

https://nvd.nist.gov/vuln/detail/CVE-2024-49039

Latest Security News

Top CVE List

Common Alerts

LowHTTPS Content Available via HTTP
HighLog4Shell (CVE-2021-44228)
HighNoSQL Injection - MongoDB (Time Based)
InformationalGraphQL Endpoint Supports Introspection
InformationalSec-Fetch-Mode Header is Missing
HighPath Traversal
InformationalModern Web Application
InformationalUser Controllable HTML Element Attribute (Potential XSS)
HighRemote Code Execution - Shell Shock
MediumBypassing 403