Vulnerability-Lookup

CNVD-2026-17152

Vulnerability from cnvd - Published: 2026-04-14

Title

Microsoft Windows Ancillary Function Driver for WinSock权限提升漏洞（CNVD-2026-17152）

Description

Microsoft Windows Ancillary Function Driver for WinSock是美国微软（Microsoft）公司的Winsock的辅助功能驱动程序。 Microsoft Windows Ancillary Function Driver for WinSock存在权限提升漏洞，该漏洞是由于释放了WinSock辅助功能驱动程序中不在堆上的内存造成的。攻击者可利用该漏洞提升权限。

Severity

中

Patch Name

Microsoft Windows Ancillary Function Driver for WinSock权限提升漏洞（CNVD-2026-17152）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20810

Reference

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20810

Impacted products

Name
['Microsoft Windows Server 2019', 'Microsoft Window 10 22H2', 'Microsoft Window 10 21H2', 'Microsoft Window 10 1809']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-20810",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-20810"
    }
  },
  "description": "Microsoft Windows Ancillary Function Driver for WinSock\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684Winsock\u7684\u8f85\u52a9\u529f\u80fd\u9a71\u52a8\u7a0b\u5e8f\u3002\n\nMicrosoft Windows Ancillary Function Driver for WinSock\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u91ca\u653e\u4e86WinSock\u8f85\u52a9\u529f\u80fd\u9a71\u52a8\u7a0b\u5e8f\u4e2d\u4e0d\u5728\u5806\u4e0a\u7684\u5185\u5b58\u9020\u6210\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20810",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-17152",
  "openTime": "2026-04-14",
  "patchDescription": "Microsoft Windows Ancillary Function Driver for WinSock\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684Winsock\u7684\u8f85\u52a9\u529f\u80fd\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nMicrosoft Windows Ancillary Function Driver for WinSock\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u91ca\u653e\u4e86WinSock\u8f85\u52a9\u529f\u80fd\u9a71\u52a8\u7a0b\u5e8f\u4e2d\u4e0d\u5728\u5806\u4e0a\u7684\u5185\u5b58\u9020\u6210\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Ancillary Function Driver for WinSock\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2026-17152\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Server 2019",
      "Microsoft Window 10 22H2",
      "Microsoft Window 10 21H2",
      "Microsoft Window 10 1809"
    ]
  },
  "referenceLink": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20810",
  "serverity": "\u4e2d",
  "submitTime": "2026-01-19",
  "title": "Microsoft Windows Ancillary Function Driver for WinSock\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2026-17152\uff09"
}

CVE-2026-20810 (GCVE-0-2026-20810)

Vulnerability from cvelistv5 – Published: 2026-01-13 17:56 – Updated: 2026-04-01 13:48

Title

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Summary

Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

CWE-590 - Free of Memory not on the Heap

Assigner

microsoft

References

URL

Tags

https://msrc.microsoft.com/update-guide/vulnerabi…

vendor-advisorypatch

Impacted products

Vendor

Product

Version

Microsoft

Windows 10 Version 1809

Affected: 10.0.17763.0 , < 10.0.17763.8276 (custom)

Microsoft	Windows 10 Version 21H2	Affected: 10.0.19044.0 , < 10.0.19044.6809 (custom)
Microsoft	Windows 10 Version 22H2	Affected: 10.0.19045.0 , < 10.0.19045.6809 (custom)
Microsoft	Windows Server 2019	Affected: 10.0.17763.0 , < 10.0.17763.8276 (custom)
Microsoft	Windows Server 2019 (Server Core installation)	Affected: 10.0.17763.0 , < 10.0.17763.8276 (custom)

Date Public ?

2026-01-13 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20810",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T04:56:55.383331Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:39.569Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8276",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.6809",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.6809",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8276",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8276",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.8276",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.8276",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.8276",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.6809",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.6809",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-590",
              "description": "CWE-590: Free of Memory not on the Heap",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-01T13:48:19.243Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20810"
        }
      ],
      "title": "Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-20810",
    "datePublished": "2026-01-13T17:56:10.446Z",
    "dateReserved": "2025-12-03T05:54:20.372Z",
    "dateUpdated": "2026-04-01T13:48:19.243Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-17152

CVE-2026-20810 (GCVE-0-2026-20810)

Tags

Sightings

Nomenclature