Skip to main content

Microsoft EUVDEUVD-2026-22458

| CVE-2026-27914 HIGH
Improper Access Control (CWE-284)
2026-04-14 microsoft GHSA-72h2-6w4v-2j9w
7.8
CVSS 3.1 · NVD
Temporal: 6.8
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
6.8 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
Analysis Generated
Apr 14, 2026 - 19:29 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22458
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:58 nvd
HIGH 7.8

DescriptionCVE.org

Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.

AnalysisAI

Microsoft Management Console privilege escalation affects all supported Windows versions (10, 11, Server 2012-2025) via improper access control, allowing authenticated local users to gain SYSTEM-level privileges. CVSS 7.8 (High) reflects significant impact with low attack complexity requiring only low-level user credentials. Vendor-released patches available across all affected platforms through Microsoft's May 2025 update cycle. No public exploit identified at time of analysis, though the authe

Technical ContextAI

Microsoft Management Console (MMC) is a core Windows administrative framework hosting snap-ins for system management tasks. The vulnerability stems from CWE-284 (Improper Access Control), where MMC fails to properly validate authorization boundaries when processing requests from authenticated low-privilege users. The flaw allows authenticated users to bypass privilege checks and execute administrative operations with elevated SYSTEM privileges. The widespread CPE coverage spanning Windows 10 version 1607 (2016 release) through Windows 11 26H1 and Windows Server 2012 through 2025 indicates the access control weakness exists in foundational MMC code shared across the entire modern Windows product line. The local attack vector (AV:L) and no user interaction requirement (UI:N) suggest exploitation through direct API calls or file operations rather than social engineering.

RemediationAI

Apply Microsoft's May 2025 security updates immediately via Windows Update or WSUS to patch affected systems to the fixed build versions specified in EUVD-2026-22458. For Windows 10 systems, update to builds 10.0.14393.9060 (v1607), 10.0.17763.8644 (v1809), 10.0.19044.7184 (21H2), or 10.0.19045.7184 (22H2). For Windows 11, update to builds 10.0.22631.6936 (22H3/23H2), 10.0.26100.32690 (24H2), 10.0.26200.8246 (25H2), or 10.0.28000.1836 (26H1). Windows Server environments require updates to 6.2.9200.26026 (2012), 6.3.9600.23132 (2012 R2), 10.0.14393.9060 (2016), 10.0.17763.8644 (2019), 10.0.20348.5020 (2022), 10.0.25398.2274 (2022 23H2), or 10.0.26100.32690 (2025). No workarounds identified; patching is the only effective mitigation. Prioritize internet-facing systems and environments with privileged access management gaps. Full update guidance at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27914.

Share

EUVD-2026-22458 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy