PT-2026-2692 · Microsoft · Windows Routing/Remote Access Service+1

Ezrakie

Publicado

2026-01-13

Atualizado

2026-01-14

CVE-2026-20843

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows Routing and Remote Access Service (RRAS) (affected versions not specified)

Description An issue with access control in Windows Routing and Remote Access Service (RRAS) could allow a local attacker to gain elevated privileges. The vulnerability allows an authorized attacker to elevate privileges locally.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

BDU:2026-00385

CVE-2026-20843

Produtos afetados

Windows

Windows Routing/Remote Access Service

PT-2026-2692 · Microsoft · Windows Routing/Remote Access Service+1

CVE-2026-20843

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8