Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.
AnalysisAI
Windows Installer privilege escalation via improper permission handling enables authenticated local users to gain SYSTEM-level access across all supported Windows 10, 11, and Server platforms (2012-2025). The vulnerability (CWE-280: Improper Handling of Insufficient Privileges) requires low-privilege local access but offers complete system compromise with low attack complexity. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Local user account required on Windows system with Windows Installer service running. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is HIGH for multi-user environments and standard deployment scenarios. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated local user crafts a malicious .msi package that exploits improper permission validation in Windows Installer, escalating privileges to SYSTEM without requiring administrative credentials or user interaction. |
| Remediation | Apply Microsoft security updates immediately through Windows Update, WSUS, or Configuration Manager to upgrade to patched versions. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all affected Windows 10, 11, and Server 2012-2025 systems and prioritize patching for systems with multiple local user accounts or contractor access. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22449
GHSA-3wgf-ccpx-rv72