How severe is CVE-2026-20860?

CVE-2026-20860 has a CVSS v3 score of 7.8 (HIGH).

CVE-2026-20860

7.8HIGH

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Published: 1/13/2026Updated: 1/14/2026

Description

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

AI AnalysisPowered by AI

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20860