Impact
A heap-based buffer overflow in the Windows TCP/IP stack allows an authorized local user to overwrite critical control data. When triggered the attacker can achieve arbitrary code execution, elevating a standard user to an account with full administrative privileges and compromising the system’s integrity.
Affected Systems
Microsoft Windows operating systems are impacted, including Windows 10 versions 1607, 1809, 21H2, and 22H2; Windows 11 versions 23H2, 24H2, 25H2, and 26H1; and Windows Server releases from Server 2012 through Server 2025. Both standard and Server Core editions, and 32‑bit, 64‑bit, and ARM64 builds, are listed as vulnerable.
Risk and Exploitability
The flaw carries a CVSS score of 7.8, classifying it as high severity, and an EPSS score of 2%, indicating a low but present probability of exploitation. It is not listed in the CISA KEV catalog, so official exploitation evidence remains limited. The likely attacker vector involves delivering crafted network traffic to a local system, where an authorized user can trigger the overflow to raise privileges and gain control.
OpenCVE Enrichment