Description
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
Published: 2026-03-10
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Elevation of Privilege (Local)
Action: Immediate Patch
AI Analysis

Impact

A heap-based buffer overflow in the UNC provider kernel driver of the Windows File Server allows an attacker who already has local access to elevate privileges. The overflow permits the attacker to overwrite kernel memory, potentially granting operating‑system level control. The vulnerability is classified as CWE‑122.

Affected Systems

Microsoft Windows 11 versions 24H2, 25H2 and 26H1, Microsoft Windows Server 2022 23H2 (Server Core installation), and Microsoft Windows Server 2025 (Server Core installation) are affected. The vulnerable builds include both x64 and ARM64 architectures. No specific 32‑bit versions are indicated.

Risk and Exploitability

The CVSS base score is 8.8, indicating high severity, while the EPSS score is below 1 %, suggesting low exploit likelihood. It is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, it is inferred that the attacker must have local authenticated access to trigger the overflow and that remote exploitation is not possible. The kernel‑level nature of the flaw makes the impact severe if exploited.

Generated by OpenCVE AI on March 28, 2026 at 05:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Microsoft security update for CVE‑2026‑24283 to all affected Windows 11 and Windows Server installations.
  • Verify that the update is installed via Windows Update or the Microsoft Security Update Guide.
  • Restart the system if required to complete the kernel update.


Advisories

No advisories yet.

History

Sat, 28 Mar 2026 03:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*

Fri, 13 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows Server 2022 23h2
CPEs cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*
Vendors & Products Microsoft windows Server 2022 23h2

Wed, 11 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2022, 23h2 Edition (server Core Installation)
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2022, 23h2 Edition (server Core Installation)
Microsoft windows Server 2025 (server Core Installation)

Tue, 10 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 10 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
Description Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
Title Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025
Microsoft windows Server 23h2
Weaknesses CWE-122
CPEs cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025
Microsoft windows Server 23h2
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-03-27T22:32:28.200Z

Reserved: 2026-01-21T21:28:02.968Z

Link: CVE-2026-24283

Vulnrichment

Updated: 2026-03-10T18:40:08.770Z

NVD

Status: Analyzed

Published: 2026-03-10T18:18:18.170

Modified: 2026-03-13T19:26:14.707

Link: CVE-2026-24283

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-29T20:26:31Z

Weaknesses