Cyber Resilience

CVE-2026-35420

High

Published: 12 May 2026

Modified: 14 May 2026
KEV Added: not listed
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0005 (15.7th percentile)
Risk Priority: 16 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-35420 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Windows Server 2012. Its CVSS base score is 7.8 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). Its EPSS score places it at the 15.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Vulnerability details

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CWE(s)

CWE-122 Heap-based Buffer Overflow

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Direct local kernel privilege escalation via heap buffer overflow (CWE-122) maps exactly to T1068 Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-27912 (same product: Microsoft Windows Server 2012)
CVE-2026-41095 (same product: Microsoft Windows Server 2012)
CVE-2026-26183 (same product: Microsoft Windows Server 2012)
CVE-2026-26180 (same product: Microsoft Windows Server 2012)
CVE-2026-20922 (same product: Microsoft Windows Server 2012)
CVE-2026-20820 (same product: Microsoft Windows Server 2012)
CVE-2026-40398 (same product: Microsoft Windows Server 2012)
CVE-2026-20840 (same product: Microsoft Windows Server 2012)
CVE-2026-25188 (same product: Microsoft Windows Server 2012)
CVE-2026-33837 (same product: Microsoft Windows Server 2012)

Affected Assets

Vendor      Product                   Affected versions
microsoft   windows server 2012       all versions, r2
microsoft   windows server 2016       ≤ 10.0.14393.9140
microsoft   windows server 2019       ≤ 10.0.17763.8755
microsoft   windows server 2022       ≤ 10.0.20348.5074
microsoft   windows server 2022 23h2  ≤ 10.0.25398.2330
microsoft   windows server 2025       ≤ 10.0.26100.32772

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.