CVE-2026-45601
HighCVSS 7.0Exploitation Probability (EPSS)
Low risk8th percentile - higher than 8% of all known CVEs
Summary
A race condition in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authorized attacker to elevate privileges locally. The vulnerability stems from improper synchronization when accessing shared resources concurrently.
Risk Assessment
The organization faces the risk of an attacker gaining elevated system privileges, potentially leading to data theft, malware installation, or lateral movement within the network.
Recommendation
Apply the security update provided by Microsoft for the vulnerable AFD.sys driver immediately. This patch addresses the race condition and prevents privilege escalation.
Original NVD description (English source)
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

