Skip to main content

Windows Push Notifications CVE-2026-42979

| EUVDEUVD-2026-35740 HIGH
Race Condition (CWE-362)
2026-06-09 secure@microsoft.com GHSA-j5xm-8fgh-w49x
High
Disputed · 7.8 NVD
Temporal: 6.8
Share

Severity by source

Sources disagree (Medium–Critical)
NVD PRIMARY
7.8 HIGH
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
ENISA EUVD
CRITICAL
qualitative
CIRCL (temporal)
6.8 MEDIUM
cvss

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jun 09, 2026 - 18:40 vuln.today
CVE Published
Jun 09, 2026 - 17:17 nvd
HIGH 7.8

DescriptionNVD

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

AnalysisAI

Local privilege escalation in Microsoft Windows Push Notifications service stems from a race condition (CWE-362) that an attacker with low-privileged local access can exploit to gain higher privileges. No public exploit identified at time of analysis, and the issue is not on CISA KEV, but the CVSS 7.8 rating reflects high impact across confidentiality, integrity, and availability once the race is won. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-priv local session
Delivery
Drop race-trigger binary
Exploit
Repeatedly invoke Push Notifications API
Execution
Win TOCTOU window on shared resource
Persist
Coerce privileged service operation
Impact
Elevate to SYSTEM

Vulnerability AssessmentAI

Exploitation The attacker must already hold local, interactive or interactive-equivalent execution on the target Windows host as a low-privileged authenticated user (PR:L, AV:L, UI:N), and must reliably win a timing race against the Windows Push Notifications service (AC:H), which typically requires multiple attempts and may be sensitive to CPU load, core count, and scheduler behavior. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS vector (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) signals a meaningful but constrained risk: an attacker must already have local code execution with low privileges and must reliably win a race (AC:H), but successful exploitation yields full system compromise across an authority boundary. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A standard user on a shared Windows host - for example, an RDP jump server or a workstation already compromised by a phishing payload running as the logged-in user - launches a small tool that repeatedly triggers the vulnerable Push Notifications code path while concurrently manipulating the shared resource. After enough iterations the race is won, allowing the attacker's process to influence privileged operations and elevate to SYSTEM. …
Remediation Apply the Microsoft security update referenced in the MSRC advisory (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42979) corresponding to your Windows build - patch is available from the vendor, though an exact KB/build number was not provided in the input and must be taken directly from the MSRC update guide for your SKU. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Conduct a complete inventory of Windows systems running Push Notifications service and document current patch levels. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-42979 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy