Cyber Posture

CVE-2026-24283

High

Published: 10 March 2026

Published
10 March 2026
Modified
13 March 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0002 6.6th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24283 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows 11 24H2. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 6.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the heap-based buffer overflow vulnerability in Windows File Server by requiring timely application of vendor patches as referenced in Microsoft's advisory.

SI-16 Memory Protection good match
prevent

Implements memory protection mechanisms such as heap canaries, address space layout randomization, and data execution prevention to mitigate exploitation of heap-based buffer overflows.

AC-6 Least Privilege partial match
prevent

Enforces least privilege for local user accounts, limiting the scope and access low-privileged authorized attackers have to the vulnerable Windows File Server component.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Heap buffer overflow in Windows File Server directly enables local privilege escalation (T1068) by a low-privileged user, leading to arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.

Deeper analysisAI

CVE-2026-24283 is a heap-based buffer overflow vulnerability, classified under CWE-122, affecting the Windows File Server component. Published on 2026-03-10T18:18:18.170, it carries a CVSS v3.1 base score of 8.8 (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating high severity due to its potential for significant impact across confidentiality, integrity, availability, and scope escalation.

A low-privileged local user with authorized access can exploit this vulnerability through low-complexity techniques requiring no user interaction. Successful exploitation allows the attacker to elevate privileges, achieving high-impact outcomes such as arbitrary code execution, data exfiltration, system modification, and denial of service within the elevated scope.

Microsoft's advisory provides details on mitigation and patching via the update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24283.

Details

CWE(s)
CWE-122

Affected Products

microsoft
windows 11 24h2
≤ 10.0.26100.7979 · ≤ 10.0.26100.7979
microsoft
windows 11 25h2
≤ 10.0.26200.7979 · ≤ 10.0.26200.7979
microsoft
windows 11 26h1
≤ 10.0.28000.1719 · ≤ 10.0.28000.1719
microsoft
windows server 2022 23h2
≤ 10.0.25398.2207
microsoft
windows server 2025
≤ 10.0.26100.32463

CVEs Like This One

CVE-2026-32221Same product: Microsoft Windows 11 24H2
CVE-2026-33101Same product: Microsoft Windows 11 24H2
CVE-2026-20864Same product: Microsoft Windows 11 24H2
CVE-2026-26180Same product: Microsoft Windows 11 24H2
CVE-2026-26176Same product: Microsoft Windows 11 24H2
CVE-2026-25188Same product: Microsoft Windows 11 24H2
CVE-2026-21245Same product: Microsoft Windows 11 24H2
CVE-2026-26179Same product: Microsoft Windows 11 24H2
CVE-2026-27907Same product: Microsoft Windows 11 24H2
CVE-2026-32076Same product: Microsoft Windows 11 24H2

References