CVE-2024-26211

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 9, 2024

Updated: Jan 8, 2025

CWE ID 122

Summary

CVE-2024-26211 is an elevation of privilege vulnerability impacting the Windows Remote Access Connection Manager. Successful exploitation of this vulnerability allows an attacker to gain higher system privileges, potentially leading to unauthorized access and control of affected systems. The attacker could manipulate a specially crafted Remote Access Connection Manager (RASMan) service packet, which is responsible for handling remote access connections, to escalate their privileges. Users and administrators are advised to apply the forthcoming Microsoft patch to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uhcXiq
https://www.cve.org/CVERecord?id=CVE-2024-26211
https://nvd.nist.gov/vuln/detail/CVE-2024-26211

Back to Vulnerability Database

CVE-2024-26211

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations