Description
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.
Published: 2026-04-14
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch Immediately
AI Analysis

Impact

A heap-based buffer overflow exists in the Windows USB Print Driver (usbprint.sys). When a malicious USB peripheral is attached, an unauthorized user can trigger the overflow and gain elevated privileges on the local system. The flaw is classified as CWE‑122, indicating a memory corruption vulnerability that can lead to privilege escalation.

Affected Systems

The issue affects Microsoft Windows 11 versions 24H2, 25H2, and 26H1, as well as Microsoft Windows Server 2025 and its Server Core installation. No other operating systems or vendors are listed.

Risk and Exploitability

The CVSS score of 6.8 reflects a moderate severity. The vulnerability requires a physical presence or control over the USB device to trigger the overflow, making remote exploitation unlikely. Because the flaw leads to privilege escalation, an attacker with local access to the victim’s machine could gain higher privileges once the malicious USB device is plugged in. No EPSS score or KEV listing is available, so the risk is currently considered moderate with a low probability of widespread exploitation given the physical attack vector.

Generated by OpenCVE AI on April 14, 2026 at 19:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Microsoft update for CVE‑2026‑32223 to Windows 11 and Windows Server 2025 via Windows Update or the Microsoft Update Catalog.
  • Verify that the update has been installed and that usbprint.sys is no longer vulnerable; check the update history for the correct KB.
  • Consider disabling or restricting USB printing if the patch cannot be applied immediately.
  • Ensure only trusted USB peripherals are connected to the device.

Generated by OpenCVE AI on April 14, 2026 at 19:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)

Tue, 14 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 14 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.
Title Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025
Weaknesses CWE-122
CPEs cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows 11 26h1 Windows 11 26h1 Windows Server 2025 Windows Server 2025 (server Core Installation)
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-15T21:54:40.903Z

Reserved: 2026-03-11T01:49:58.662Z

Link: CVE-2026-32223

cve-icon Vulnrichment

Updated: 2026-04-14T19:28:56.941Z

cve-icon NVD

Status : Received

Published: 2026-04-14T18:17:30.490

Modified: 2026-04-14T18:17:30.490

Link: CVE-2026-32223

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T20:45:06Z

Weaknesses