cbcvebase.
CVE-2026-24293
published 2026-03-10

CVE-2026-24293: Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Affected

35 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_21h2< 10.0.19044.705810.0.19044.7058
microsoftwindows_10_22h2< 10.0.19045.705810.0.19045.7058
microsoftwindows_10_version_21h2>= 10.0.19044.0 < 10.0.19044.705810.0.19044.7058
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.705810.0.19045.7058
microsoftwindows_11_23h2< 10.0.22631.678310.0.22631.6783
microsoftwindows_11_24h2< 10.0.26100.797910.0.26100.7979
microsoftwindows_11_25h2< 10.0.26200.797910.0.26200.7979
microsoftwindows_11_26h1< 10.0.28000.171910.0.28000.1719
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.678310.0.22631.6783
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.678310.0.22631.6783
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.803710.0.26100.8037
microsoftwindows_11_version_25h2>= 10.0.26200.0 < 10.0.26200.803710.0.26200.8037
microsoftwindows_11_version_26h1>= 10.0.28000.0 < 10.0.28000.171910.0.28000.1719
microsoftwindows_server_2022< 10.0.20348.483010.0.20348.4830
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.489310.0.20348.4893
microsoftwindows_server_2022_23h2< 10.0.25398.220710.0.25398.2207
microsoftwindows_server_2025< 10.0.26100.3246310.0.26100.32463
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.3252210.0.26100.32522
msrcwindows_10_version_21h2_for_32-bit_systems
msrcwindows_10_version_21h2_for_arm64-based_systems
msrcwindows_10_version_21h2_for_x64-based_systems
msrcwindows_10_version_22h2_for_32-bit_systems
msrcwindows_10_version_22h2_for_arm64-based_systems
msrcwindows_10_version_22h2_for_x64-based_systems
msrcwindows_11_version_23h2_for_arm64-based_systems