How severe is CVE-2026-20867?

CVE-2026-20867 has a CVSS v3 score of 7.8 (HIGH).

CVE-2026-20867

7.8HIGH

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

Published: 1/13/2026Updated: 1/14/2026

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

AI AnalysisPowered by AI

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20867