Skip to main content

Microsoft EUVDEUVD-2026-22607

| CVE-2026-32220 MEDIUM
Improper Access Control (CWE-284)
2026-04-14 microsoft GHSA-m38r-h8hp-4q9w
4.4
CVSS 3.1 · NVD
Temporal: 3.9
Share

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
CIRCL (temporal)
3.9 LOW
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

5
Analysis Generated
Apr 14, 2026 - 19:41 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22607
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:57 nvd
MEDIUM 4.4

DescriptionCVE.org

Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

AnalysisAI

Windows Virtualization-Based Security (VBS) Enclave in Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025 allows high-privileged local attackers to bypass security features through improper access control, resulting in integrity compromise without requiring user interaction. A vendor-released patch is available from Microsoft's security updates.

Technical ContextAI

Virtualization-Based Security (VBS) Enclaves in Windows leverage hardware virtualization and isolation mechanisms to create protected execution environments resistant to kernel-level compromise. The vulnerability stems from CWE-284 (Improper Access Control), indicating inadequate authorization checks within the enclave's access control mechanisms. Affected systems span multiple Windows 11 build versions (24H2, 25H2, 26H1) and Windows Server 2025 deployments, including Server Core installations. The vulnerability requires high privilege context (PR:H in CVSS vector), limiting exploitation to users or processes already operating at administrator level on the local system.

RemediationAI

Vendor-released patch: Install Microsoft security updates that increment Windows 11 Version 24H2 to build 10.0.26100.32690 or later, Windows 11 Version 25H2 to build 10.0.26200.8246 or later, Windows 11 Version 26H1 to build 10.0.28000.1836 or later, and Windows Server 2025 to build 10.0.26100.32690 or later. Apply updates through Windows Update, WSUS, or direct download from the Microsoft Security Response Center (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32220). No interim workarounds are documented; patching is the primary remediation path. Organizations should test patches in non-production environments before broad deployment to ensure compatibility with VBS-dependent applications or security tools.

Share

EUVD-2026-22607 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy