Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-20930EXPLOITEDPATCHED

Microsoft · Windows 10 Version 1809

Windows Management Services Elevation of Privilege Vulnerability

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

Affected Products

Vendor	Product	Versions
Microsoft	Windows 10 Version 1809	10.0.17763.0, 10.0.19044.0, 10.0.19045.0, 10.0.22631.0, 10.0.22631.0, 10.0.26100.0, 10.0.26200.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.25398.0, 10.0.26100.0, 10.0.26100.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	windows 11 version 24h2	mitre_affected	90%
microsoft	windows 11 version 25h2	mitre_affected	90%
microsoft	windows server 2019 (server core installation)	mitre_affected	90%
microsoft	windows 10 version 21h2	mitre_affected	90%
microsoft	windows server 2022, 23h2 edition (server core installation)	mitre_affected	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20930(vendor-advisory, patch)

Related News (2 articles)

Tier C

VulDB5h ago

CVE-2026-20930 | Microsoft Windows up to Server 2025 Management Services race condition

→ No new info (linked only)

Tier A

Microsoft MSRC8h ago

CVE-2026-20930 Windows Management Services Elevation of Privilege Vulnerability

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

10.0.17763.864410.0.19044.718410.0.19045.718410.0.22631.693610.0.26100.3269010.0.26200.824610.0.20348.502010.0.25398.2274

CWECWE-362

PublishedApr 14, 2026

Last enriched4h agov3

Tags

CVE-2026-20930

Trending Score62

Source articles2

Independent2

Info Completeness10/14

Missing: epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

HIGHCVE-2026-26171EXP

.NET Denial of Service Vulnerability

HIGHCVE-2026-32071EXP

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

HIGHCVE-2026-32093EXP

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

HIGHCVE-2026-32075EXP

Windows UPnP Device Host Elevation of Privilege Vulnerability

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 14, 2026

Discovered by ZDM

Apr 14, 2026

Updated: description, exploitAvailable, activelyExploited

Apr 14, 2026

Updated: tags

Apr 14, 2026

Actively Exploited

Apr 14, 2026

Exploit Available

Apr 14, 2026

Patch Available

Apr 14, 2026

Version History

v3

Last enriched 4h ago

v3Tier C4h ago

Updated severity to CRITICAL, noted no exploit exists, and added new CVE ID CVE-2026-20930.

tags

via VulDB

v2Tier A5h ago

Added a detailed description of the vulnerability and updated exploit availability to true.

descriptionexploitAvailableactivelyExploited

via Microsoft MSRC

v15h ago

Initial creation