Skip to main content

Microsoft CVE-2026-32216

| EUVDEUVD-2026-22599 MEDIUM
NULL Pointer Dereference (CWE-476)
2026-04-14 microsoft GHSA-cw5m-47qq-278v
5.5
CVSS 3.1 · NVD
Temporal: 4.8
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CIRCL (temporal)
4.8 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Apr 14, 2026 - 19:41 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22599
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:57 nvd
MEDIUM 5.5

DescriptionCVE.org

Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.

AnalysisAI

Null pointer dereference in Windows Redirected Drive Buffering denies service to local authenticated users on Windows 11 version 26H1 (build 10.0.28000.0-10.0.28000.1835). An authorized attacker with local access can trigger the vulnerability to crash the affected system component, though code execution is not possible. Vendor-released patch available; no public exploit code identified at time of analysis.

Technical ContextAI

Windows Redirected Drive Buffering is a kernel or system-level driver component that manages buffered I/O operations for redirected storage devices (commonly used in Remote Desktop, virtualization, and terminal server scenarios). The vulnerability stems from improper null pointer validation (CWE-476), where the code dereferences a pointer without first checking whether it is null. When a specially crafted local I/O request reaches the buffering subsystem, the unchecked dereference triggers a kernel exception or driver crash, resulting in denial of service. The affected CPE identifies Windows 11 version 26H1 specifically, suggesting the flaw was introduced or exposed in a recent version branch. The null pointer dereference pattern is a classic memory safety weakness that typically requires the attacker to control specific input conditions or state.

RemediationAI

Install the vendor-released patch for Windows 11 version 26H1, which updates the Redirected Drive Buffering component to build 10.0.28000.1836 or later. Patch availability is confirmed via the Microsoft Security Response Center (MSRC) at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32216. No permanent workaround short of patching exists; however, organizations may temporarily mitigate risk by restricting local user account creation and enforcing principle-of-least-privilege access policies. Ensure automatic Windows Update is enabled or manually deploy the patch through Windows Update, WSUS, or direct download from MSRC. Verify installation by checking the build version post-patch to confirm it is 10.0.28000.1836 or higher.

Share

CVE-2026-32216 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy