CVE Catalog

CVE-2026-42836

HighCVSS 7.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

12th percentile - higher than 12% of all known CVEs

Summary

A race condition in Function Discovery Service (fdwsd.dll) allows an authorized attacker to locally elevate privileges due to improper synchronization during concurrent execution using shared resources.

Risk Assessment

This vulnerability could lead to unauthorized access to elevated privileges within the system, posing a significant security threat to the organization.

Recommendation

It is recommended to update the software and implement appropriate synchronization mechanisms to minimize the risk of race conditions.

Original NVD description (English source)

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS