CVE Catalog

CVE-2026-45603

HighCVSS 7.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile - higher than 8% of all known CVEs

Summary

A race condition vulnerability exists in the Windows Ancillary Function Driver for WinSock due to improper synchronization of shared resources. This flaw allows an authorized attacker to locally elevate privileges.

Risk Assessment

An attacker with a limited account could exploit this vulnerability to gain higher privileges, potentially leading to full system compromise or further attacks on other resources.

Recommendation

Apply the security update provided by the Windows vendor immediately. Restricting system access to trusted users only can mitigate the risk.

Original NVD description (English source)

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS