Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
CVSS Details
- CVSS 3.1 Base Score: 7.8
- CVSS 3.1 Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Microsoft Windows | microsoft-windows-windows_10-1607-kb5075999microsoft-windows-windows_10-1809-kb5075904microsoft-windows-windows_10-21h2-kb5075912microsoft-windows-windows_10-22h2-kb5075912microsoft-windows-windows_11-23h2-kb5075941microsoft-windows-windows_11-24h2-kb5077181microsoft-windows-windows_11-25h2-kb5077181microsoft-windows-windows_11-26h1-kb5077179microsoft-windows-windows_server_2012-kb5075971microsoft-windows-windows_server_2012_r2-kb5075970microsoft-windows-windows_server_2016-1607-kb5075999microsoft-windows-windows_server_2019-1809-kb5075904microsoft-windows-windows_server_2022-21h2-kb5075906microsoft-windows-windows_server_2022-22h2-kb5075906microsoft-windows-windows_server_2022-23h2-kb5075897microsoft-windows-windows_server_2025-24h2-kb5075899 | Feb 10, 2026 | Feb 10, 2026 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub