Windows 11 25h2
CVE-2026-20962
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.
AnalysisAI
Uninitialized memory in the Dynamic Root of Trust for Measurement (DRTM) component of Windows 11 25h2, Windows Server 2019, Windows 10 22h2, Windows 10 1809, and Windows 11 23h2 allows a high-privileged local attacker to read sensitive information from kernel memory. The vulnerability requires administrative or equivalent privileges to exploit and carries no patch availability. This issue is tracked under CWE-908 with a CVSS score of 4.4.
Technical ContextAI
Classified as CWE-908 (Use of Uninitialized Resource). Affects Windows 10 1809. Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.
RemediationAI
Monitor vendor advisories for a patch.
More in Windows 11 25h2
View allWindows Shell contains a protection mechanism failure (CVE-2026-21510, CVSS 8.8) that allows unauthenticated remote atta
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptograph
Desktop Window Manager (DWM) in Windows contains a type confusion vulnerability (CVE-2026-21519, CVSS 7.8) that enables
Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenti
Windows Kernel contains a race condition vulnerability enabling local privilege escalation through concurrent resource a
Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow v
Local code execution in Microsoft Windows Win32K GRFX (graphics) subsystem allows an attacker with low-privilege local a
Local code execution in the Windows Win32K GRFX (graphics) subsystem allows an unauthorized attacker with the ability to
BitLocker's protection mechanism on Windows fails to enforce a critical authentication or verification step, permitting
Security feature bypass in Microsoft Windows BitLocker allows an attacker with physical access to circumvent the drive e
Denial-of-service in the Windows TCP/IP stack allows an authenticated attacker on an adjacent network to crash the netwo
Windows Push Notifications contains a use-of-uninitialized-resource flaw (CWE-200) that enables a locally authenticated
Same weakness CWE-908 – Use of Uninitialized Resource
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today