Improper Authentication in Windows and Windows Server - CVE-2026-50365

 

Improper Authentication in Windows and Windows Server - CVE-2026-50365

Published: July 17, 2026


Vulnerability identifier: #VU138038
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-50365
CWE-ID: CWE-287
Exploitation vector: Adjecent network
Exploit availability: No public exploit available
Vendor: Microsoft
Affected software:
Windows
Windows Server

Detailed vulnerability description

The vulnerability allows a remote attacker to escalate privileges.

The vulnerability exists due to improper authentication in Windows RPC API when a user actively connects to the affected server and runs a specific command. A remote attacker can send a specially crafted command over an adjacent network to escalate privileges.

Successful exploitation could result in SYSTEM privileges. User interaction is required to connect to the server and run the command.


How to mitigate CVE-2026-50365

Install security update from vendor's website.

Sources