CVE-2026-20857

HIGH

Windows Cloud Files Mini Filter Driver - Privilege Escalation

Title source: llm

Description

Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

References (1)

Scores

CVSS v3 7.8
EPSS 0.0002
EPSS Percentile 5.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-822
Status published

Affected Products (11)

microsoft/windows_10_1809 < 10.0.17763.8276
microsoft/windows_10_1809 < 10.0.17763.8276
microsoft/windows_10_21h2 < 10.0.19044.6809
microsoft/windows_10_22h2 < 10.0.19045.6809
microsoft/windows_11_23h2 < 10.0.22631.6491
microsoft/windows_11_24h2 < 10.0.26100.7623
microsoft/windows_11_25h2 < 10.0.26200.7623
microsoft/windows_server_2019 < 10.0.17763.8276
microsoft/windows_server_2022 < 10.0.20348.4648
microsoft/windows_server_2022_23h2 < 10.0.25398.2092
microsoft/windows_server_2025 < 10.0.26100.32230

Timeline

Published Jan 13, 2026
Tracked Since Feb 18, 2026