Insufficient Granularity of Access Control in Windows and Windows Server - CVE-2026-50405
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to insufficient granularity of access control in Windows Filtering Platform (WFP) when handling local access to filtering platform resources. A local user can leverage the access control weakness to escalate privileges.
Successful exploitation could result in SYSTEM privileges.