CVE-2026-20852
published 2026-01-13CVE-2026-20852: Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
high7.7CVSS 3.1
AVLACLPRNUINSUCHIHAN
Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.8783 | 10.0.14393.8783 |
| microsoft | windows_10_1809 | < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_10_21h2 | < 10.0.19044.6809 | 10.0.19044.6809 |
| microsoft | windows_10_22h2 | < 10.0.19045.6809 | 10.0.19045.6809 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8783 | 10.0.14393.8783 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6809 | 10.0.19044.6809 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.6809 | 10.0.19045.6809 |
| microsoft | windows_11_23h2 | < 10.0.22631.6491 | 10.0.22631.6491 |
| microsoft | windows_11_24h2 | < 10.0.26100.7623 | 10.0.26100.7623 |
| microsoft | windows_11_25h2 | < 10.0.26200.7623 | 10.0.26200.7623 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6491 | 10.0.22631.6491 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6491 | 10.0.22631.6491 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.7623 | 10.0.26100.7623 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.7623 | 10.0.26200.7623 |
| microsoft | windows_server_2016 | < 10.0.14393.8783 | 10.0.14393.8783 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8783 | 10.0.14393.8783 |
| microsoft | windows_server_2019 | < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8276 | 10.0.17763.8276 |
| microsoft | windows_server_2022 | < 10.0.20348.4648 | 10.0.20348.4648 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.4648 | 10.0.20348.4648 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.2092 | 10.0.25398.2092 |
| microsoft | windows_server_2025 | < 10.0.26100.32230 | 10.0.26100.32230 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.32230 | 10.0.26100.32230 |
| msrc | windows_10_version_1607 | — | — |