Description
Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally.
Published: 2026-01-13
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Information Disclosure
Action: Apply Patch
AI Analysis

Impact

The vulnerability arises from sensitive information being written to a kernel log file, allowing an unauthorized local attacker to read that data and thereby gain access to confidential information. This vulnerability is based on CWE-532, which concerns information exposure through log files. This results in a loss of confidentiality and potentially the exposure of credentials or configuration details that are not meant for user access.

Affected Systems

Affected systems include Microsoft Windows Server 2016, 2019, 2022, and 2025 in both full and Server Core installations, as well as the 23H2 edition of Windows Server 2022 and the 23H2 edition of Windows Server 2025. All variants listed in the CVE are impacted.

Risk and Exploitability

The severity score is 6.2 on the CVSS scale, indicating a moderate impact. The EPSS score is less than 1%, reflecting a very low likelihood of widespread exploitation. The vulnerability is not currently cataloged in CISA’s Known Exploited Vulnerabilities list. Because it requires an attacker to have local access, the attack vector is local; an attacker would need to run code or have a user context that can read the kernel log file to extract the disclosed data.

Generated by OpenCVE AI on April 18, 2026 at 06:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official Microsoft security update that addresses CVE-2026-20818.
  • If the patch cannot yet be applied, reduce the permissions on the kernel log files so that only the system account or elevated privileged users can read them.
  • Continuously monitor system logs for unusual or unauthorized read attempts to detect potential exploitation attempts.

Generated by OpenCVE AI on April 18, 2026 at 06:42 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 14 Jan 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows Server 2022 23h2
CPEs cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
Vendors & Products Microsoft windows Server 2022 23h2

Wed, 14 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 13 Jan 2026 18:15:00 +0000

Type Values Removed Values Added
Description Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally.
Title Windows Kernel Information Disclosure Vulnerability
First Time appeared Microsoft
Microsoft windows Server 2016
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows Server 23h2
Weaknesses CWE-532
CPEs cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows Server 2016
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows Server 23h2
References
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2022 23h2 Windows Server 2025 Windows Server 23h2
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-01T13:48:23.443Z

Reserved: 2025-12-03T05:54:20.373Z

Link: CVE-2026-20818

cve-icon Vulnrichment

Updated: 2026-01-13T19:39:11.721Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-13T18:16:08.810

Modified: 2026-01-14T20:32:15.047

Link: CVE-2026-20818

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T06:45:23Z

Weaknesses