Skip to main content

Microsoft EUVDEUVD-2026-22475

| CVE-2026-27925 MEDIUM
Use After Free (CWE-416)
2026-04-14 microsoft
6.5
CVSS 3.1 · NVD
Temporal: 5.7
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CIRCL (temporal)
5.7 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
Apr 14, 2026 - 19:42 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22475
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:58 nvd
MEDIUM 6.5

DescriptionCVE.org

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.

AnalysisAI

Use-after-free memory corruption in Windows UPnP Device Host enables unauthenticated adjacent network attackers to disclose sensitive information with CVSS 6.5 high severity. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), and multiple Windows Server editions (2012 through 2025). Microsoft has released patches with specific version thresholds; exploitation requires network adjacency but no authentication or user interaction.

Technical ContextAI

Windows Universal Plug and Play (UPnP) Device Host service implements network device discovery and control protocols. The vulnerability exploits CWE-416 (use-after-free), a memory safety defect where freed memory is accessed after deallocation, causing information disclosure through memory contents that should no longer be accessible. UPnP operates at the application layer over UDP/TCP on adjacent networks (local network segment), making it reachable by any device on the same LAN without routing across the internet. The affected code path in the UPnP Device Host fails to properly manage object lifetime, allowing an attacker to trigger a use-after-free condition that leaks kernel or application memory.

RemediationAI

Vendor-released patches are available per Microsoft Security Response Center. Update to Windows 10 Version 1607 build 14393.9060 or later, Version 1809 build 17763.8644 or later, Version 21H2 build 19044.7184 or later, or Version 22H2 build 19045.7184 or later. For Windows 11, update to Version 22H3/23H2 build 22631.6936 or later, Version 24H2 build 26100.32690 or later, Version 25H2 build 26200.8246 or later, or Version 26H1 build 28000.1836 or later. Windows Server editions must be patched to their corresponding fixed builds (Server 2012/2012 R2, 2016, 2019, 2022, 2025). Apply patches via Windows Update or manual installation from Microsoft Update Catalog. Interim mitigation: disable UPnP Device Host service if not required, or implement network segmentation to restrict UPnP traffic to trusted devices only. Refer to Microsoft Security Update Guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27925.

Share

EUVD-2026-22475 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy