CVE Catalog

CVE-2026-45597

HighCVSS 7.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.05%

16th percentile - higher than 16% of all known CVEs

Summary

A race condition in UI Automation Manager (uiamanager.dll) allows an authorized attacker to locally elevate privileges due to improper synchronization during concurrent execution using shared resources.

Risk Assessment

The organization may be vulnerable to local attacks that allow authorized users to gain elevated privileges, potentially leading to unauthorized access to sensitive data.

Recommendation

It is recommended to review and improve synchronization mechanisms in UI Automation Manager to prevent race conditions.

Original NVD description (English source)

Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS