What is the CVSS score of CVE-2010-3338?

CVE-2010-3338 has a CVSS 2.0 base score of 7.2 (High). CVSS vector: AV:L/AC:L/Au:N/C:C/I:C/A:C. EPSS exploitation probability: 63.3%.

Which versions of Windows Task Scheduler are affected by CVE-2010-3338?

CVE-2010-3338 is a local privilege escalation vulnerability in Windows Task Scheduler affecting Vista, Windows Server 2008, Server 2008 R2, and Windows 7 that allows authenticated users to gain…

Is there a public PoC exploit available for CVE-2010-3338?

Yes, a public proof-of-concept exploit is available for CVE-2010-3338. Prioritise patching immediately. EPSS: 63.3%.

How to fix or mitigate CVE-2010-3338?

Within 24 hours: Inventory all systems running Windows Vista SP1/SP2, Windows Server 2008 (all editions/service packs), Windows Server 2008 R2, or Windows 7 and assess whether they remain in production. Within 7 days: Apply Microsoft security bulletin MS10-092 to all affected systems still in active use; if systems cannot be patched immediately, implement the compensating controls below. Within 30 days: Complete migration planning for any legacy systems that cannot be remediated, prioritizing systems with high-privilege local user populations or exposed remote access.

Windows Task Scheduler CVE-2010-3338

HIGH

Improper Input Validation (CWE-20)

2010-12-16 secure@microsoft.com

Information Disclosure Microsoft

7.2

CVSS 2.0 · NVD

Severity by source

NVD PRIMARY

7.2 HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:C/I:C/A:C

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Lifecycle Timeline

Analysis Updated

Apr 29, 2026 - 01:45 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 29, 2026 - 01:39 vuln.today

cvss_changed

Analysis Generated

Mar 26, 2026 - 11:17 vuln.today

PoC Detected

Apr 11, 2025 - 00:51 vuln.today

Public exploit code

CVE Published

Dec 16, 2010 - 19:33 nvd

HIGH 7.2

DescriptionCVE.org

The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888.

AnalysisAI

Local privilege escalation in Windows Task Scheduler allows authenticated users to execute code with SYSTEM privileges through crafted scheduled tasks that exploit improper security context validation. Affects Windows Vista SP1/SP2, Windows Server 2008 (all service packs and editions), Windows Server 2008 R2, and Windows 7. Public exploit code exists (Exploit-DB 15589, 19930) with a 63% EPSS score (98th percentile), indicating high real-world exploitation probability despite requiring local access. Microsoft addressed this via MS10-092 bulletin in December 2010, though the note suggests potential overlap with CVE-2010-3888.

Technical ContextAI

Windows Task Scheduler is a system component that enables users and administrators to configure and schedule automated tasks on Windows systems. This vulnerability (CWE-20: Improper Input Validation) stems from the Task Scheduler's failure to properly validate and enforce security context boundaries when creating or executing scheduled tasks. The flaw allows a local authenticated user to craft a scheduled task that runs with elevated privileges beyond what the user's security token should permit. The affected CPE entries span multiple Windows platforms from the Vista/Server 2008 era through Windows 7, including x32, x64, and Itanium architectures. The vulnerability resides in the task scheduling service's privilege handling mechanism, which incorrectly assigns or inherits security contexts during task creation or execution phases.

RemediationAI

Apply Microsoft Security Bulletin MS10-092 patches released December 2010, available at https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-092, which addresses the Task Scheduler security context validation flaw across all affected Windows platforms. Organizations running Windows Vista, Server 2008, or Windows 7 should prioritize migration to supported operating systems (Windows 10/11, Server 2016 or later) as these platforms reached end-of-life and no longer receive security updates. For systems that cannot be immediately patched or migrated, implement strict local access controls through Group Policy to limit which users can create scheduled tasks, disable the Task Scheduler service on non-critical systems where automated tasks are not required (noting this will break legitimate automation and may impact system functionality), and monitor scheduled task creation/modification events (Event ID 4698, 4702) through centralized logging to detect exploitation attempts. Restrict interactive logon rights to minimize the pool of users who could exploit this local vulnerability, though this may impact legitimate administrative workflows.

CVE-2010-3338 vulnerability details – vuln.today

Back