Description
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
Published: 2026-04-14
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises from an untrusted pointer dereference in the Windows Sensor Data Service. This flaw allows an attacker with local privileges to exploit memory handling errors and gain elevated privileges. The weakness involves improper input validation (CWE‑20) and unsafe pointer handling (CWE‑822), enabling an attacker to execute arbitrary code or modify system state.

Affected Systems

Affected systems include several Microsoft Windows client and server releases. Clients such as Windows 10 1809, 21H2, and 22H2; Windows 11 23H2, 24H2, 25H2, 22H3, and 26H1 are vulnerable. Server editions impacted are Windows Server 2019, Windows Server 2022, and Windows Server 2025, all versions listed in the CNA vendor product list.

Risk and Exploitability

The CVSS base score of 7.8 indicates a high severity for local privilege escalation. No EPSS score is available, and the vulnerability is not cataloged in CISA’s KEV list, suggesting it has not yet been widely exploited in the wild. The attack vector is local, requiring an authorized user to execute crafted input against the Sensor Data Service. Once exploited, the attacker can gain elevated system privileges.

Generated by OpenCVE AI on April 14, 2026 at 18:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and apply the Windows Security Update for CVE‑2026‑26161 released by Microsoft.
  • If the update is not immediately available, consider restricting local users from running the Sensor Data Service by disabling the service or limiting permissions.

Generated by OpenCVE AI on April 14, 2026 at 18:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 22h3
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2019 (server Core Installation)
Microsoft windows Server 2022, 23h2 Edition (server Core Installation)
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 22h3
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2019 (server Core Installation)
Microsoft windows Server 2022, 23h2 Edition (server Core Installation)
Microsoft windows Server 2025 (server Core Installation)

Tue, 14 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 14 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
Title Windows Sensor Data Service Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows 10 1809
Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows Server 23h2
Weaknesses CWE-20
CWE-822
CPEs cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 10 1809
Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows Server 23h2
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 10 1809 Windows 10 21h2 Windows 10 21h2 Windows 10 22h2 Windows 10 22h2 Windows 11 22h3 Windows 11 23h2 Windows 11 23h2 Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows 11 26h1 Windows 11 26h1 Windows Server 2019 Windows Server 2019 (server Core Installation) Windows Server 2022 Windows Server 2022, 23h2 Edition (server Core Installation) Windows Server 2025 Windows Server 2025 (server Core Installation) Windows Server 23h2
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-17T15:51:09.893Z

Reserved: 2026-02-11T18:33:57.775Z

Link: CVE-2026-26161

cve-icon Vulnrichment

Updated: 2026-04-14T19:12:21.999Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-14T18:16:48.840

Modified: 2026-04-17T15:10:35.607

Link: CVE-2026-26161

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T21:02:49Z

Weaknesses