Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.
CVSS Details
- CVSS 3.1 Base Score: 7.8
- CVSS 3.1 Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Microsoft Windows | microsoft-windows-windows_10-1607-kb5087537microsoft-windows-windows_10-1809-kb5087538microsoft-windows-windows_10-21h2-kb5087544microsoft-windows-windows_10-22h2-kb5087544microsoft-windows-windows_10-22h2-kb5094127microsoft-windows-windows_11-23h2-kb5087420microsoft-windows-windows_11-23h2-kb5093998microsoft-windows-windows_11-24h2-kb5089549microsoft-windows-windows_11-25h2-kb5089549microsoft-windows-windows_11-26h1-kb5089548microsoft-windows-windows_server_2012-kb5087470microsoft-windows-windows_server_2012_r2-kb5087471microsoft-windows-windows_server_2016-1607-kb5087537microsoft-windows-windows_server_2019-1809-kb5087538microsoft-windows-windows_server_2022-21h2-kb5087545microsoft-windows-windows_server_2022-22h2-kb5087545microsoft-windows-windows_server_2022-23h2-kb5087541microsoft-windows-windows_server_2025-24h2-kb5087539 | May 12, 2026 | May 12, 2026 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub