Impact
Improper authentication in Windows SMB Server allows a local attacker with existing authentication to bypass security checks and acquire administrative privileges. The flaw is an authentication bypass (CWE‑287) and results in local privilege escalation on the affected system.
Affected Systems
The vulnerability affects a broad range of Microsoft Windows operating systems, including Windows 10 versions 1607, 1809, 21H2, 22H2, Windows 11 versions 22H3, 23H2, 24H2, 25H2, 26H1, and Windows Server releases 2012, 2012 R2, 2016, 2019, 2022, 2025, and the 23H2 edition, in both core and non‑core installations.
Risk and Exploitability
The CVSS score of 7.8 indicates a high severity, and the EPSS score of 3% reflects a moderate probability of exploitation. The flaw is not listed in CISA’s KEV catalog. An attacker must have local authenticated access to the target machine and must send SMB traffic to trigger the authentication bypass. Once the exploit succeeds, the attacker can obtain local administrator rights on the host.
OpenCVE Enrichment