Description
Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.
Published: 2026-05-12
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Improper access control in the Windows Event Logging Service can allow a local attacker that already has authorized access to elevate privileges to higher levels. The bug results from an access control failure (CWE‑284) that permits the attacker to gain additional Windows user rights or become a local administrator. The impact includes full control over the machine, the ability to install malicious software, modify system settings, and potentially move laterally within the local network.

Affected Systems

Microsoft Windows 10 versions 1607, 1809, 21H2, and 22H2; Microsoft Windows 11 versions 23H2, 24H2, 25H2, 26H1, and 22H3; Microsoft Windows Server 2012, Server 2012 R2, Server 2016, Server 2019, Server 2022, Server 2025, and Server 23H2, including server core installations where noted. All affected builds are listed in the Microsoft Security Update Guide for CVE‑2026‑33834.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity for local privilege escalation. Exploitability data (EPSS) is not available, but the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local, requiring that the attacker already has an authorized account or is present on the machine. Once exploited, the attacker can gain elevated access to the Windows operating system.

Generated by OpenCVE AI on May 12, 2026 at 18:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Microsoft security updates available for the affected Windows versions from the Microsoft Security Response Center update guide for CVE‑2026‑33834.
  • Ensure that users do not have more privileges than necessary; remove administrative rights from local accounts unless required for business tasks.
  • Review and tighten permissions on the Event Logging Service so that only trusted accounts can create or modify event logs, consistent with the principle of least privilege.

Generated by OpenCVE AI on May 12, 2026 at 18:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.
Title Windows Event Logging Service Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows 10 1607
Microsoft windows 10 1809
Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2012
Microsoft windows Server 2012 R2
Microsoft windows Server 2016
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows Server 23h2
Weaknesses CWE-284
CPEs cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 10 1607
Microsoft windows 10 1809
Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2012
Microsoft windows Server 2012 R2
Microsoft windows Server 2016
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows Server 23h2
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 23h2 Windows 11 24h2 Windows 11 25h2 Windows 11 26h1 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2025 Windows Server 23h2
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-05-13T03:56:55.246Z

Reserved: 2026-03-24T00:52:01.353Z

Link: CVE-2026-33834

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-12T18:17:05.293

Modified: 2026-05-12T18:17:05.293

Link: CVE-2026-33834

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T19:00:20Z

Weaknesses