Winfsp
Monthly
Local privilege escalation to SYSTEM in WinFsp (Windows File System Proxy) stems from an integer overflow (CWE-190) that a low-privileged local user can trigger to achieve system-level access on the host. The flaw crosses a privilege boundary (CVSS scope change) and is fixed in release v2.2B2. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation is theoretical but the SYSTEM-level impact makes it a meaningful local escalation risk.
A race condition in WinFsp enables local privilege escalation to SYSTEM through kernel heap overflow. Authenticated local attackers with low privileges can exploit this timing vulnerability to corrupt kernel memory and execute code at the highest privilege level. Patch available in WinFsp v2.2B1 per vendor release notes. EPSS data not available; no CISA KEV listing indicates exploitation not yet confirmed in the wild, though the vulnerability affects a Windows kernel-mode driver used for file system development.
Local privilege escalation to SYSTEM in WinFsp (Windows File System Proxy) stems from an integer overflow (CWE-190) that a low-privileged local user can trigger to achieve system-level access on the host. The flaw crosses a privilege boundary (CVSS scope change) and is fixed in release v2.2B2. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation is theoretical but the SYSTEM-level impact makes it a meaningful local escalation risk.
A race condition in WinFsp enables local privilege escalation to SYSTEM through kernel heap overflow. Authenticated local attackers with low privileges can exploit this timing vulnerability to corrupt kernel memory and execute code at the highest privilege level. Patch available in WinFsp v2.2B1 per vendor release notes. EPSS data not available; no CISA KEV listing indicates exploitation not yet confirmed in the wild, though the vulnerability affects a Windows kernel-mode driver used for file system development.