Back

Critical Windows Error Reporting Vulnerability Allows SYSTEM Access via Privilege Escalation

Severity: High (Score: 72.6)

Sources: Cybersecuritynews, Gbhackers

Summary

A local privilege escalation vulnerability in the Windows Error Reporting (WER) service, tracked as CVE-2026-20817, has been identified, allowing attackers to gain full SYSTEM access. This flaw enables local users with standard rights to escalate their privileges through improper permission handling. Due to the severity of the vulnerability, Microsoft has opted to completely remove the affected feature instead of issuing a traditional patch. The vulnerability was published on January 13, 2026, and the first proof of concept (PoC) was released on February 18, 2026. This poses a significant risk to systems running affected versions of Windows. Organizations are urged to assess their systems for exposure to this vulnerability. Key Points: • CVE-2026-20817 allows local privilege escalation to SYSTEM access. • Microsoft removed the vulnerable feature entirely due to its severity. • The vulnerability was first publicly disclosed on January 13, 2026.

Key Entities

  • Zero-day Exploit (attack_type)
  • CVE-2026-20817 (cve)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • Windows (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed