CVE-2026-24283
published 2026-03-10CVE-2026-24283: Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_24h2 | < 10.0.26100.7979 | 10.0.26100.7979 |
| microsoft | windows_11_25h2 | < 10.0.26200.7979 | 10.0.26200.7979 |
| microsoft | windows_11_26h1 | < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.8037 | 10.0.26100.8037 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.8037 | 10.0.26200.8037 |
| microsoft | windows_11_version_26h1 | >= 10.0.28000.0 < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.2207 | 10.0.25398.2207 |
| microsoft | windows_server_2025 | < 10.0.26100.32463 | 10.0.26100.32463 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.32522 | 10.0.26100.32522 |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_26h1_for_arm64-based_systems | — | — |
| msrc | windows_11_version_26h1_for_x64-based_systems | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| msrc | windows_server_2025 | — | — |