SB20260310105 - Multiple vulnerabilities in Microsoft Windows Ancillary Function Driver for WinSock

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20260310105

SB20260310105 - Multiple vulnerabilities in Microsoft Windows Ancillary Function Driver for WinSock

Published: March 10, 2026

Security Bulletin ID SB20260310105
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2026-25178)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can gain elevated privileges on the target system.


2) NULL pointer dereference (CVE-ID: CVE-2026-24293)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local suer to escalate privileges on the system.

The vulnerability exists due to a NULL pointer dereference error in Windows Ancillary Function Driver for WinSock. A local user can pass specially crafted data to the application and gain elevated privileges on the target system.


3) Improper access control (CVE-ID: CVE-2026-25176)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in Windows Ancillary Function Driver for WinSock. A local user can bypass implemented security restrictions and gain elevated privileges on the target system.


4) Improper Validation of Specified Type of Input (CVE-ID: CVE-2026-25179)

CWE-ID: CWE-1287 - Improper Validation of Specified Type of Input

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper validation of specified type of input in Windows Ancillary Function Driver for WinSock, which leads to security restrictions bypass and privilege escalation.


Remediation

Install update from vendor's website.

References