⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.. Due date: 2024-12-03.

CVE-2024-49039Improper Authentication in Microsoft Windows 10 Version 1507

CWE-287Improper Authentication21 documents14 sources
Severity
8.8HIGHNVD
EPSS
63.7%
top 1.58%
CISA KEV
KEVRansomware
Added 2024-11-12
Due 2024-12-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
35
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1809+32 more
Timeline
PublishedNov 12
KEV addedNov 12
KEV dueDec 3
Latest updateFeb 2
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Windows Task Scheduler Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages35 packages

NVDmicrosoft/windows< 10.0.14393.7515+4
NVDmicrosoft/windows_10_1507< 10.0.10240.20826
NVDmicrosoft/windows_10_1607< 10.0.14393.7515
NVDmicrosoft/windows_10_1809< 10.0.17763.6532
NVDmicrosoft/windows_10_21h2< 10.0.19044.5131

Patches

Patch: msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-jmf3-9f5j-cpjh: Windows Task Scheduler Elevation of Privilege Vulnerability2024-11-12
VulnCheck
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability2024

📋Vendor Advisories

2
CISA
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability2024-11-12
Microsoft
Windows Task Scheduler Elevation of Privilege Vulnerability2024-11-12

🕵️Threat Intelligence

15
Greynoiseio
The Noise in the Silence: Unmasking CISA's Hidden KEV Ransomware Updates2026-02-02
Bleepingcomputer
Details emerge on WinRAR zero-day attacks that infected PCs with malware2025-08-11
Securelist
Vulnerability landscape analysis for Q4 20242025-02-26
Securelist
Exploits and vulnerabilities in Q4 20242025-02-26
Tenable
Microsoft Patch Tuesday 2024 Year in Review2024-12-10
CVE-2024-49039 — Improper Authentication in Microsoft | cvebase