CVE-2026-24294
published 2026-03-10CVE-2026-24294: Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_1809 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_21h2 | < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_22h2 | < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_11_23h2 | < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_24h2 | < 10.0.26100.7979 | 10.0.26100.7979 |
| microsoft | windows_11_25h2 | < 10.0.26200.7979 | 10.0.26200.7979 |
| microsoft | windows_11_26h1 | < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.8037 | 10.0.26100.8037 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.8037 | 10.0.26200.8037 |
| microsoft | windows_11_version_26h1 | >= 10.0.28000.0 < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25973 | 6.2.9200.25973 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.23074 | 6.3.9600.23074 |
| microsoft | windows_server_2016 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2019 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2022 | < 10.0.20348.4830 | 10.0.20348.4830 |