HIGHCVE-2026-20830Published Modified CNA microsoft
CVE-2026-20830: Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
Metrics
- CVSS v3.1
- 7.0
- Severity
- HIGH
- Fixed in
- 10.0.26100.32230
- Affected Products
- 2
Fix available
10.0.26100.32230
Affected packages
- Microsoft / Windows Server 2025< 10.0.26100.32230 (from 10.0.26100.0)
- Microsoft / Windows Server 2025 (Server Core installation)< 10.0.26100.32230 (from 10.0.26100.0)
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C