Black & White Path

May 6, 2026 · Information Security

Inside RegPwn (CVE‑2026‑24291): How a Simple Lock‑Screen Race Condition Grants SYSTEM Access

CVE‑2026‑24291, dubbed RegPwn, exploits a race condition in the Windows ATConfig mechanism that lets a standard user create a registry symbolic link, trigger a lock‑screen transition, and silently elevate to SYSTEM, affecting multiple Windows 10, 11, and Server releases until patched in March 2026.