Local Privilege Escalation
The latest Local Privilege Escalation coverage — news, analysis, and updates from the WindowsNews.AI desk.
Mitsubishi FREQSHIP-mini Flaw Gives Attackers SYSTEM Access in Critical Infrastructure
A critical local privilege escalation vulnerability has been discovered in Mitsubishi Electric's FREQSHIP-mini software for Windows, designated CVE-2025-10314, posing significant risks to industrial...
Siemens TeleControl Server Basic Gets Critical Patch for High-Impact Privilege Flaw – Here’s What to Do
Siemens has released an urgent update for its TeleControl Server Basic software, closing a local privilege escalation vulnerability that could allow attackers with minimal local access to seize full...
CVE-2026-20871: Microsoft Patches Critical DWM Privilege Escalation Flaw in Windows
Microsoft's January 2026 Patch Tuesday security updates addressed a significant elevation-of-privilege vulnerability in the Desktop Window Manager (DWM) component of Windows, tracked as...
CVE-2026-20830: Windows Camsvc Flaw Could Give Attackers Full System Control—Here’s How to Patch
Microsoft has confirmed a local privilege escalation vulnerability, tracked as CVE-2026-20830, in the Windows Capability Access Management Service (camsvc). The flaw, publicly disclosed in the...
CVE-2026-20943: Critical Office Click-to-Run Vulnerability Threatens Windows Security
Microsoft's security researchers have identified a significant elevation-of-privilege vulnerability in Microsoft Office's Click-to-Run (C2R) delivery component, designated CVE-2026-20943. This...
CVE-2026-20817: Critical Windows Error Reporting Vulnerability Requires Immediate Patching
Microsoft has issued an urgent security advisory for CVE-2026-20817, a critical local privilege escalation vulnerability in Windows Error Reporting that could allow attackers to gain SYSTEM-level...
CVE-2026-20820: Critical Windows CLFS Driver Vulnerability Enables Local Privilege Escalation
Microsoft has disclosed a critical security vulnerability in the Windows Common Log File System (CLFS) driver that could allow attackers to gain SYSTEM-level privileges on affected systems....
CVE-2026-20809: Windows Kernel TOCTOU Vulnerability & Patch Management Guide
Microsoft has disclosed a critical Windows kernel vulnerability, CVE-2026-20809, rated as Important with a CVSS score of 7.8, representing a significant local privilege escalation threat. This...
CVE-2026-20804 patch released for Windows Hello privilege escalation flaw
Microsoft has disclosed a significant security vulnerability in its Windows Hello biometric authentication system, designated CVE-2026-20804, which presents a local privilege escalation risk that...