CVE-2026-24295

Name of the Vulnerable Software and Affected Versions Windows versions (affected versions not specified)

Description A flaw exists in the Windows Device Association Service related to synchronization errors when a shared resource is used. Exploitation of this issue could allow an attacker to gain elevated privileges. The issue involves concurrent execution using a shared resource with improper synchronization, creating a 'race condition'. This allows an authorized attacker to elevate privileges locally.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.