CVE-2026-24291
published 2026-03-10CVE-2026-24291: Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_1809 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_21h2 | < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_22h2 | < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_11_23h2 | < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_24h2 | < 10.0.26100.7979 | 10.0.26100.7979 |
| microsoft | windows_11_25h2 | < 10.0.26200.7979 | 10.0.26200.7979 |
| microsoft | windows_11_26h1 | < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.8037 | 10.0.26100.8037 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.8037 | 10.0.26200.8037 |
| microsoft | windows_11_version_26h1 | >= 10.0.28000.0 < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25973 | 6.2.9200.25973 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.23074 | 6.3.9600.23074 |
| microsoft | windows_server_2016 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2019 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2022 | < 10.0.20348.4830 | 10.0.20348.4830 |