Description
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
Published: 2026-01-13
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Patch Immediately
AI Analysis

Impact

A use‑after‑free flaw in the Desktop Window Manager permits an attacker with local access to execute code with elevated privileges. The vulnerability is classified as CWE‑416 and can be leveraged to take control of the system or install and run additional software with administrative rights. If exploited, the attacker could compromise system confidentiality, integrity, and availability, potentially moving laterally within a network if elevated accounts are further abused.

Affected Systems

Microsoft Windows 10 versions 21H2 and 22H2, Windows 11 versions 22H3, 23H2, 24H2 and 25H2, Windows Server 2022, Windows Server 2022 (23H2 Edition – Server Core installation), Windows Server 2025 and Windows Server 2025 (Server Core installation).

Risk and Exploitability

The vulnerability has a CVSS score of 7.8, indicating a high severity level. The EPSS score is less than 1%, suggesting current exploitation activity is rare, and it is not listed in CISA’s Known Exploited Vulnerabilities catalog. The attack requires local, authorized access and would proceed via the use‑after‑free condition in the Desktop Window Manager. Given its moderate‑to‑high severity and the potential for local attackers to gain full system control, organizations should consider this risk significant and patch early.

Generated by OpenCVE AI on April 16, 2026 at 18:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Microsoft security update that addresses CVE‑2026‑20871 as published on the official Microsoft security update guide
  • Configure Windows Update to automatically download and install security patches so future fixes are applied promptly
  • If an immediate update is not feasible, disable the Desktop Window Manager feature via Group Policy or registry settings to eliminate the attack surface as a temporary measure

Generated by OpenCVE AI on April 16, 2026 at 18:11 UTC.

Advisories

No advisories yet.

History

Fri, 13 Feb 2026 21:00:00 +0000

Type: Title
Values Removed: Desktop Windows Manager Elevation of Privilege Vulnerability
Values Added: Desktop Window Manager Elevation of Privilege Vulnerability

Thu, 15 Jan 2026 16:00:00 +0000

Type: First Time appeared
Values Added:
  • Microsoft windows 10 21h2
  • Microsoft windows 10 22h2
  • Microsoft windows 11 23h2
  • Microsoft windows 11 24h2
  • Microsoft windows 11 25h2
  • Microsoft windows Server 2022 23h2

Type: CPEs
Values Added:
  • cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added:
  • Microsoft windows 10 21h2
  • Microsoft windows 10 22h2
  • Microsoft windows 11 23h2
  • Microsoft windows 11 24h2
  • Microsoft windows 11 25h2
  • Microsoft windows Server 2022 23h2

Tue, 13 Jan 2026 20:15:00 +0000

Type: Metrics
Values Added: ssvc
  {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 13 Jan 2026 18:15:00 +0000

Type: Description
Values Added: Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

Type: Title
Values Added: Desktop Windows Manager Elevation of Privilege Vulnerability

Type: First Time appeared
Values Added:
  • Microsoft
  • Microsoft windows 10 21h2
  • Microsoft windows 10 22h2
  • Microsoft windows 11 23h2
  • Microsoft windows 11 24h2
  • Microsoft windows 11 25h2
  • Microsoft windows Server 2022
  • Microsoft windows Server 2025
  • Microsoft windows Server 23h2

Type: Weaknesses
Values Added: CWE-416

Type: CPEs
Values Added:
  • cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*
  • cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*
  • cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
  • cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
  • cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
  • cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
  • cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added:
  • Microsoft
  • Microsoft windows 10 21h2
  • Microsoft windows 10 22h2
  • Microsoft windows 11 23h2
  • Microsoft windows 11 24h2
  • Microsoft windows 11 25h2
  • Microsoft windows Server 2022
  • Microsoft windows Server 2025
  • Microsoft windows Server 23h2

Type: References

Type: Metrics
Values Added: cvssV3_1
  {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-01T13:49:10.636Z

Reserved: 2025-12-03T05:54:20.382Z

Link: CVE-2026-20871

Vulnrichment

Updated: 2026-01-13T20:09:00.503Z

NVD

Status: Analyzed

Published: 2026-01-13T18:16:16.810

Modified: 2026-01-15T15:48:21.813

Link: CVE-2026-20871

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T18:15:43Z

Weaknesses