Skip to main content

Windows Push Notifications EUVDEUVD-2026-35739

| CVE-2026-42977 HIGH
Race Condition (CWE-362)
2026-06-09 secure@microsoft.com GHSA-j8g4-4862-cvp2
High
Disputed · 7.8 NVD
Temporal: 6.8
Share

Severity by source

Sources disagree (Medium–Critical)
NVD PRIMARY
7.8 HIGH
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
ENISA EUVD
CRITICAL
qualitative
CIRCL (temporal)
6.8 MEDIUM
cvss

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jun 09, 2026 - 18:39 vuln.today
CVE Published
Jun 09, 2026 - 17:17 nvd
HIGH 7.8

DescriptionNVD

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

AnalysisAI

Local privilege escalation in Windows Push Notifications enables an authenticated low-privileged user to elevate to higher privileges by exploiting a race condition (CWE-362) in concurrent access to a shared resource. Successful exploitation results in high impact to confidentiality, integrity, and availability with scope change, but no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as low-privileged local user
Delivery
Drop race-condition exploit binary
Exploit
Spawn concurrent threads against Push Notifications shared resource
Execution
Win timing window between check and use
Persist
Escalate to SYSTEM via scope change
Impact
Establish persistence and harvest credentials

Vulnerability AssessmentAI

Exploitation Exploitation requires local interactive or authenticated session access to the target Windows host with at least low-privilege user rights (PR:L) and the ability to execute arbitrary code that interacts with the Windows Push Notifications service; no user interaction from another user is needed (UI:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 7.8 reflects local attack vector (AV:L), high attack complexity (AC:H), low privileges required (PR:L), no user interaction (UI:N), scope change (S:C), and high impact across CIA - meaning a logged-in standard user could escape into another security domain (likely SYSTEM). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated low-privileged user - for example, a standard domain user on a shared workstation or a low-privilege service account on a multi-tenant terminal server - runs a crafted binary that repeatedly triggers operations against the Windows Push Notification subsystem while a second thread races to swap or modify the shared resource between validation and use. After winning the race, the attacker pivots from limited user to SYSTEM, enabling credential theft from LSASS, installation of persistence, and lateral movement. …
Remediation Apply the patch available per Microsoft's MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42977 by deploying the relevant cumulative or security update for each affected Windows version through Windows Update, WSUS, or your enterprise patch management platform. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Windows systems in your environment and assess their current patch status against the latest Microsoft security updates. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-35739 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy