Description
Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.
Published: 2026-01-13
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Information Disclosure
Action: Patch
AI Analysis

Impact

An out-of-bounds read in the Capability Access Management Service (camsvc) allows an unauthorized local user to read memory that is not intended for that user, which can expose sensitive information such as system configuration or credentials. The vulnerability is limited to local execution and does not provide remote code execution or elevated privileges.

Affected Systems

Microsoft Windows 11 version 24H2, Microsoft Windows 11 version 25H2, Microsoft Windows Server 2025, and the Server Core installation of Windows Server 2025.

Risk and Exploitability

The CVSS score of 6.2 indicates a moderate severity, and the EPSS score of less than 1% suggests a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, and the attack vector is limited to local users who have the ability to interact with the camsvc service. Thus, the risk to the broader network is minimal but the local information disclosure can be significant for compromised hosts.

Generated by OpenCVE AI on April 16, 2026 at 18:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the most recent Microsoft security update that addresses CVE‑2026‑20851 for the relevant Windows 11 or Windows Server 2025 platform.
  • Reboot the affected system to ensure the updated service binaries are loaded and any cached data is cleared.
  • Review and restrict the local user permissions that can interact with the Capability Access Management Service to minimize potential data exposure.

Generated by OpenCVE AI on April 16, 2026 at 18:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 15 Jan 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 24h2
Microsoft windows 11 25h2
CPEs cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*
Vendors & Products Microsoft windows 11 24h2
Microsoft windows 11 25h2

Wed, 14 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 13 Jan 2026 18:15:00 +0000

Type Values Removed Values Added
Description Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.
Title Capability Access Management Service (camsvc) Information Disclosure Vulnerability
First Time appeared Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows Server 2025
Weaknesses CWE-125
CPEs cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows Server 2025
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-01T13:48:39.090Z

Reserved: 2025-12-03T05:54:20.377Z

Link: CVE-2026-20851

cve-icon Vulnrichment

Updated: 2026-01-13T19:35:52.726Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-13T18:16:13.650

Modified: 2026-01-15T13:49:12.973

Link: CVE-2026-20851

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T18:30:10Z

Weaknesses