Skip to main content

Microsoft CVE-2026-33827

| EUVDEUVD-2026-22647 HIGH
Race Condition (CWE-362)
2026-04-14 microsoft GHSA-84rj-w2f7-fjx4
8.1
CVSS 3.1 · NVD
Temporal: 7.1
Share

Severity by source

NVD PRIMARY
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CIRCL (temporal)
7.1 HIGH
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
Analysis Generated
Apr 14, 2026 - 19:37 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22647
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:58 nvd
HIGH 8.1

DescriptionCVE.org

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

AnalysisAI

Remote code execution in Windows TCP/IP networking stack across Windows 10, 11, and Server versions allows unauthenticated network attackers to execute arbitrary code by exploiting a race condition in shared resource synchronization. The vulnerability affects all supported Windows versions from Server 2012 through Windows 11 26H1 and Server 2025. Microsoft has released patches addressing this high-severity flaw (CVSS 8.1). No public exploit identified at time of analysis, though SSVC assessment

Technical ContextAI

The vulnerability resides in the Windows TCP/IP protocol stack implementation, specifically in concurrent execution logic where multiple threads or processes access shared network resources without proper synchronization primitives (CWE-362). Race conditions of this nature typically occur when time-of-check-to-time-of-use (TOCTOU) flaws allow attackers to manipulate state between validation and use operations. In network stack implementations, such vulnerabilities often arise in packet processing routines where buffer management, connection state handling, or memory allocation occurs across concurrent threads. The affected CPE range spans the entire Windows ecosystem including Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (22H3, 23H2, 24H2, 25H2, 26H1), and all Windows Server editions from 2012 through 2025, indicating the flaw exists in core TCP/IP code shared across these platforms for over a decade.

RemediationAI

Apply Microsoft security updates immediately to upgrade affected systems to patched versions. Windows 10 1607 and Server 2016 require build 10.0.14393.9060 or later. Windows 10 1809 and Server 2019 need build 10.0.17763.8644 or higher. Windows 10 21H2 requires build 10.0.19044.7184 minimum, while 22H2 needs 10.0.19045.7184. Windows 11 22H3 and 23H2 require build 10.0.22631.6936, version 24H2 needs 10.0.26100.32690, version 25H2 requires 10.0.26200.8246, and version 26H1 needs 10.0.28000.1836. Server 2012 requires 6.2.9200.26026, Server 2012 R2 needs 6.3.9600.23132, Server 2022 requires 10.0.20348.5020, Server 2022 23H2 needs 10.0.25398.2274, and Server 2025 requires 10.0.26100.32690. Patches available through Windows Update, WSUS, or Microsoft Update Catalog. For systems that cannot be immediately patched, implement network segmentation to limit exposure of vulnerable TCP/IP stacks to untrusted networks, though no complete workaround exists for this code-level flaw. Full remediation details at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33827.

Share

CVE-2026-33827 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy