Industrial
CVE-2026-20814
HIGH
Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.
AnalysisAI
Privilege escalation in the Graphics Kernel affects Linux, Windows Server 2016, and Windows 10 1607 through a race condition in shared resource synchronization. A local authenticated attacker can exploit this vulnerability to gain elevated privileges on the affected system. No patch is currently available for this vulnerability.
Technical ContextAI
Classified as CWE-362 (Race Condition). Affects Windows 10 1607. Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.
RemediationAI
Monitor vendor advisories for a patch.
More in Industrial
View allKede Electronics IoT smart water meter monitoring platform v1.0 has a SQL injection allowing attackers to compromise the
bulk_extractor digital forensics tool starting from version 1.4 has a heap buffer overflow in its embedded unrar code th
RustCrypto CMOV before 0.4.4 emits non-constant-time assembly on ARM Cortex-M0/M0+/M1 targets. Cryptographic operations
dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to over
SQL injection in Koko Analytics for WordPress prior to version 2.1.3 allows unauthenticated attackers to inject maliciou
RustCrypto's SM2 elliptic curve implementation in versions 0.14.0-pre.0 and 0.14.0-rc.0 is vulnerable to denial-of-servi
free5GC SMF versions up to 1.4.1 crash when receiving malformed PFCP SessionReportRequest packets on UDP port 8805, allo
free5GC SMF versions up to 1.4.1 crash when processing malformed PFCP SessionReportRequest messages on the UDP/8805 inte
free5GC SMF versions up to 1.4.1 crash when processing malformed PFCP SessionReportRequest messages on the PFCP interfac
INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that ca
Mailpit versions up to 1.28.2 contains a vulnerability that allows attackers to intercept sensitive data such as email c
Authentication bypass via path traversal in ZBT WE2001 router's check_token function. EPSS 0.69% — crafted requests bypa
Same weakness CWE-362 – Race Condition
View allSame technique Race Condition
View allShare
External POC / Exploit Code
Leaving vuln.today