CVE-2026-20810
published 2026-01-13CVE-2026-20810: Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1809 | < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_10_21h2 | < 10.0.19044.6809 | 10.0.19044.6809 |
| microsoft | windows_10_22h2 | < 10.0.19045.6809 | 10.0.19045.6809 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6809 | 10.0.19044.6809 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.6809 | 10.0.19045.6809 |
| microsoft | windows_server_2019 | < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8276 | 10.0.17763.8276 |
| msrc | windows_10_version_1809_for_32-bit_systems | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_server_2019 | — | — |