Skip to main content

Microsoft CVE-2026-32082

| EUVDEUVD-2026-22514 HIGH
Race Condition (CWE-362)
2026-04-14 microsoft GHSA-xxc2-62g3-qjhj
7.0
CVSS 3.1 · NVD
Temporal: 6.1
Share

Severity by source

NVD PRIMARY
7.0 HIGH
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CIRCL (temporal)
6.1 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
Analysis Generated
Apr 14, 2026 - 19:18 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22514
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:57 nvd
HIGH 7.0

DescriptionCVE.org

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

AnalysisAI

Local privilege escalation in Windows SSDP Service across Windows 10, Windows 11, and Windows Server 2012-2025 allows authenticated users with low privileges to gain SYSTEM-level access by exploiting a race condition in shared resource handling. Attack complexity is high (AC:H), requiring precise timing to win the race window. Patch available per vendor advisory; no public exploit identified at time of analysis.

Technical ContextAI

The Windows SSDP (Simple Service Discovery Protocol) Service, responsible for discovering networked devices via UPnP, contains a race condition vulnerability (CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization). Race conditions occur when multiple threads or processes access shared memory, files, or system resources without proper locking mechanisms, creating a time-of-check to time-of-use (TOCTOU) window. In this case, an attacker with existing low-privilege access can manipulate timing to execute code in a higher-privilege context during the brief moment when the SSDP service performs security-sensitive operations on shared resources. The vulnerability affects a broad range of Microsoft platforms identified via CPE strings, spanning legacy systems (Windows Server 2012) through current releases (Windows 11 26H1, Windows Server 2025).

RemediationAI

Apply security updates from Microsoft's January 2026 Patch Tuesday release cycle. Patched versions per EUVD include Windows Server 2025 build 10.0.26100.32690 or later, Windows 11 26H1 build 10.0.28000.1836 or later, Windows 11 23H2/22H3 build 10.0.22631.6936 or later, Windows 10 22H2 build 10.0.19045.7184 or later, Windows Server 2022 build 10.0.20348.5020 or later, and corresponding fix builds for other affected versions as detailed in Microsoft Security Response Center guidance at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32082. Deploy patches through standard Windows Update, WSUS, or enterprise patch management systems. As interim mitigation for systems unable to patch immediately, restrict local logon access to trusted administrators only and implement privileged access workstation (PAW) policies to limit low-privilege user sessions on sensitive systems.

Share

CVE-2026-32082 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy