A serious flaw in Windows Error Reporting (WER) allows local attackers to gain SYSTEM privileges. CVE-2026-20817, patched in January 2026, scores 7.8 on CVSS v3.1 due to its high impact on confidentiality, integrity, and availability. Vulnerability Basics CVE-2026-20817 affects wersvc.dll in the WER service, which runs as NT AUTHORITY\SYSTEM and handles crash reports via ALPC […] The post Windows Error Reporting Vulnerability Allows Attackers to Elevate Privileges appeared first on Cyber Security News.