Description
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
Published: 2026-01-13
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Information Disclosure
Action: Apply Patch
AI Analysis

Impact

An untrusted pointer dereference in the Windows Virtualization‑Based Security (VBS) enclave allows a local attacker to read sensitive data that should remain protected. The flaw is classified as CWE‑822 and could reveal confidential system information or memory contents, potentially aiding further attacks.

Affected Systems

Microsoft Windows 11 22H3, 23H2, 24H2, and 25H2 on arm64 and x64 architectures are affected. All builds from these release lines are vulnerable to the pointer dereference in the VBS enclave.

Risk and Exploitability

The vulnerability carries a moderate severity rating. Exploitation requires local execution or user privilege and is not feasible remotely. The likelihood of exploitation is considered low, and current security advisories do not flag it as an actively exploited vulnerability.

Generated by OpenCVE AI on April 16, 2026 at 18:10 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Windows security updates for Windows 11 that address CVE‑2026‑20935 via Windows Update or the Microsoft Update Catalog.
  • If an update is not yet available, temporarily disable or limit VBS features such as Hypervisor‑Protected Code Integrity until a patch is released.
  • Continue to monitor Microsoft advisories for any new mitigations or work‑arounds and apply them promptly.

Generated by OpenCVE AI on April 16, 2026 at 18:10 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 16 Jan 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
CPEs cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
Vendors & Products Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2

Tue, 13 Jan 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 13 Jan 2026 18:15:00 +0000

Type Values Removed Values Added
Description Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
Title Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
First Time appeared Microsoft
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Weaknesses CWE-822
CPEs cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
Vendors & Products Microsoft
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
References
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 11 23h2 Windows 11 23h2 Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-01T13:49:14.499Z

Reserved: 2025-12-04T20:04:16.337Z

Link: CVE-2026-20935

cve-icon Vulnrichment

Updated: 2026-01-13T18:57:45.465Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-13T18:16:20.500

Modified: 2026-01-16T15:18:31.623

Link: CVE-2026-20935

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T18:15:43Z

Weaknesses