CVE-2024-49039

ENISA EUVD: EUVD-2024-43910 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 7 articles Published: 2024-11-12

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

63.67%

probability

This CVE has a 63.67% probability of being exploited in the next 30 days.

0% Top 98.4th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

8.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Functional

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

NVD

Windows Task Scheduler Elevation of Privilege Vulnerability

Affected Products

Microsoft

Windows Server 2025

10.0.26100.0

Microsoft

Windows Server 2025 (Server Core installation)

10.0.26100.0

Microsoft

Windows 10 Version 1809

10.0.17763.0

Microsoft

Windows Server 2019

10.0.17763.0

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0

microsoft

windows 10 1507

microsoft

windows 10 1607

microsoft

windows 10 1809

microsoft

windows 10 21h2

microsoft

windows 10 22h2

Microsoft

Windows Server 2022

10.0.20348.0 <10.0.20348.2849

Microsoft

Windows 11 version 22H2

10.0.22621.0 <10.0.22621.4460

Microsoft

Windows Server 2022, 23H2 Edition (Server Core installation)

10.0.25398.0 <10.0.25398.1251

Microsoft

Windows 10 Version 1607

10.0.14393.0 <10.0.14393.7515

Microsoft

Windows 11 Version 23H2

10.0.22631.0 <10.0.22631.4460

Microsoft

Windows 11 version 22H3

10.0.22631.0 <10.0.22631.4460

Microsoft

Windows Server 2025

10.0.26100.0 <10.0.26100.2314

Microsoft

Windows Server 2025 (Server Core installation)

10.0.26100.0 <10.0.26100.2314

Microsoft

Windows 11 Version 24H2

10.0.26100.0 <10.0.26100.2314

Microsoft

Windows Server 2019

10.0.17763.0 <10.0.17763.6532

Microsoft

Windows Server 2019 (Server Core installation)

10.0.17763.0 <10.0.17763.6532

Microsoft

Windows 10 Version 22H2

10.0.19045.0 <10.0.19045.5131

Microsoft

Windows 10 Version 1507

10.0.10240.0 <10.0.10240.20826

Microsoft

Windows Server 2016

10.0.14393.0 <10.0.14393.7515

Microsoft

Windows Server 2016 (Server Core installation)

10.0.14393.0 <10.0.14393.7515

Microsoft

Windows 10 Version 1809

10.0.17763.0 <10.0.17763.6532

Microsoft

Windows 10 Version 21H2

10.0.19043.0 <10.0.19044.5131

Attack Intelligence

CWE-284 · Improper Access Control CWE-287 · Improper Authentication

Google Project Zero

Reported by

Vlad Stolyarov and Bahare Sabouri of Google's Threat Analysis Group

Root Cause Analysis

???

Exploits & PoC

je5442804/WPTaskScheduler_CVE-2024-49039

WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler

144 2025-07-21

1 repo — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039

vendor-advisory

Signal Intelligence

Confidenceⓘ

92%

EPSS 63.67%

CVSS v3.1 8.8

Mentions 7

Last Seen Nov 26, 2024

CNA Information

CNA Assigner

microsoft

CNA Title

Windows Task Scheduler Elevation of Privilege Vulnerability

Analyst Note

This CVE is confirmed as a zero-day vulnerability affecting Windows Server 2025's Task Scheduler with a HIGH severity rating (CVSS 8.8). The vulnerability was addressed in Microsoft's November 2024 Patch Tuesday and is documented by reputable sources including Google Project Zero and CERT-EU, with active exploitation reported by Russian threat actors.