CVE-2026-45597
HighCVSS 7.0Exploitation Probability (EPSS)
Low risk16th percentile - higher than 16% of all known CVEs
Summary
A race condition in UI Automation Manager (uiamanager.dll) allows an authorized attacker to locally elevate privileges due to improper synchronization during concurrent execution using shared resources.
Risk Assessment
The organization may be vulnerable to local attacks that allow authorized users to gain elevated privileges, potentially leading to unauthorized access to sensitive data.
Recommendation
It is recommended to review and improve synchronization mechanisms in UI Automation Manager to prevent race conditions.
Original NVD description (English source)
Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally.

