CVE-2023-26077

✓ Confirmed 0-Day

Triaged: March 20, 2026 1 article

VulnLookup ↗ NVD ↗ MITRE ↗

EPSS Score

Source: FIRST.org · 2026-05-24

0.05%

probability

This CVE has a 0.05% probability of being exploited in the next 30 days.

0% Top 16.1th percentile of all CVEs 100%

CVSS v3.1

Source: NVD

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

NVD

Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.

Affected Products

atera

Attack Intelligence

CWE-276 · Incorrect Default Permissions CWE-284 · Improper Access Control CWE-285 · Improper Authorization CWE-664 · Improper Control of a Resource Through its Lifetime CWE-668 · Exposure of Resource to Wrong Sphere CWE-732 · Incorrect Permission Assignment

https://github.com/mandiant/Vulnerability-Disclosures

Third Party Advisory

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0008.md

Third Party Advisory

https://www.atera.com

Product

https://github.com/mandiant/Vulnerability-Disclosures

Third Party Advisory

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0008.md

Third Party Advisory

https://www.atera.com

Product

Signal Intelligence

Confidenceⓘ

78%

EPSS 0.05%

CVSS v3.1 7.8

Mentions 1

CNA Information

Analyst Note

CVE-2023-26077 is explicitly named as a zero-day in Atera Windows Installers, discovered by Mandiant on February 28, 2023. The article clearly designates it as a zero-day vulnerability enabling privilege escalation. Timing aligns with 2023 CVE year, and Mandiant discovery provides credible evidence of in-the-wild exploitation context, though patch timing details are not explicitly stated in the excerpt.

Triage Info

Decided atMar 20, 2026