Description
Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
Published: 2026-04-14
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Patch Immediately
AI Analysis

Impact

The vulnerability arises from an integer underflow in the Windows Storage Spaces Controller. An authorized local attacker could exploit this wraparound behavior to gain higher privileges than they originally possessed. Successful exploitation results in elevation of privileges on the affected system, potentially allowing the attacker to modify system settings, bypass restrictions, and execute arbitrary code with elevated rights. The weakness corresponds to CWE-191, Integer Underflow (Wrap or Wraparound).

Affected Systems

Microsoft Windows 11 versions 23H2, 24H2, 25H2, 22H3, and 26H1; Windows Server 2022 23H2 Edition (Server Core installation); Windows Server 2025 and its Server Core installation. All affected configurations are present within the listed product releases. The vulnerability affects the Storage Spaces component across those platforms.

Risk and Exploitability

The CVSS score of 7.8 indicates High severity, while EPSS data is unavailable. The attack vector is local, and the attacker must be authenticated on the target machine. Because the flaw grants local privilege escalation, the impact is significant if the attacker already has a foothold. The flaw is not part of the CISA KEV catalog, so there are no publicly known active exploits reported at the time of disclosure. Nevertheless, the attack surface remains high for any user who can gain legitimate local access to a system running one of the affected Windows releases.

Generated by OpenCVE AI on April 14, 2026 at 19:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Obtain the latest security update for CVE-2026-27907 from the Microsoft Security Update Guide for the relevant Windows 11 and Windows Server releases.
  • Install the update via Windows Update or by applying the downloaded MSU package.
  • Verify the installation by checking that the update KB number is present in the system’s update history.
  • If a timely update is not yet available, mitigate risk by disabling the Storage Spaces feature in the system settings or by restricting local user accounts from accessing Storage Spaces resources.
  • Continue to enforce least‑privilege security practices and apply all future security patches promptly.


Advisories

No advisories yet.

History

Wed, 15 Apr 2026 21:15:00 +0000

Type | Values Removed | Values Added

First Time appeared:
  Microsoft windows 11 22h3
  Microsoft windows 11 23h2
  Microsoft windows 11 24h2
  Microsoft windows 11 25h2
  Microsoft windows 11 26h1
  Microsoft windows Server 2022, 23h2 Edition (server Core Installation)
  Microsoft windows Server 2025 (server Core Installation)

Vendors & Products:
  Microsoft windows 11 22h3
  Microsoft windows 11 23h2
  Microsoft windows 11 24h2
  Microsoft windows 11 25h2
  Microsoft windows 11 26h1
  Microsoft windows Server 2022, 23h2 Edition (server Core Installation)
  Microsoft windows Server 2025 (server Core Installation)

Tue, 14 Apr 2026 20:15:00 +0000

Type | Values Removed | Values Added

Metrics ssvc:
  {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 14 Apr 2026 17:30:00 +0000

Type | Values Removed | Values Added

Description:
  Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Title:
  Windows Storage Spaces Controller Elevation of Privilege Vulnerability

First Time appeared:
  Microsoft
  Microsoft windows 11 23h2
  Microsoft windows 11 24h2
  Microsoft windows 11 25h2
  Microsoft windows 11 26h1
  Microsoft windows Server 2025
  Microsoft windows Server 23h2

Weaknesses:
  CWE-191

CPEs:
  cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*

Vendors & Products:
  Microsoft
  Microsoft windows 11 23h2
  Microsoft windows 11 24h2
  Microsoft windows 11 25h2
  Microsoft windows 11 26h1
  Microsoft windows Server 2025
  Microsoft windows Server 23h2

References:

Metrics cvssV3_1:
  {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-15T21:54:10.762Z

Reserved: 2026-02-24T21:35:49.686Z

Link: CVE-2026-27907

Vulnrichment

Updated: 2026-04-14T19:12:15.430Z

NVD

Status: Received

Published: 2026-04-14T18:16:57.037

Modified: 2026-04-14T18:16:57.037

Link: CVE-2026-27907

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T21:00:09Z

Weaknesses