Windows UPnP Device Host Elevation of Privilege Vulnerability

Description

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Affected Products

Vendor	Product	Versions
Microsoft	Windows 10 Version 1607	10.0.14393.0, 10.0.17763.0, 10.0.19044.0, 10.0.19045.0, 10.0.22631.0, 10.0.22631.0, 10.0.26100.0, 10.0.26200.0, 10.0.28000.0, 6.2.9200.0, 6.2.9200.0, 6.3.9600.0, 6.3.9600.0, 10.0.14393.0, 10.0.14393.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.25398.0, 10.0.26100.0, 10.0.26100.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	windows 11 version 25h2	mitre_affected	90%
microsoft	windows server 2019 (server core installation)	mitre_affected	90%
microsoft	windows 11 version 26h1	mitre_affected	90%
microsoft	windows 10 version 22h2	mitre_affected	90%
microsoft	windows 11 version 23h2	mitre_affected	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32075(vendor-advisory, patch)

Related News (3 articles)

Tier C

Qualys Blog3h ago

Microsoft and Adobe Patch Tuesday, April 2026 Security Update Review

→ No new info (linked only)

Tier C

VulDB6h ago

CVE-2026-32075 | Microsoft Windows up to Server 2025 UPnP Device Host use after free

→ No new info (linked only)

Tier A

Microsoft MSRC10h ago

CVE-2026-32075 Windows UPnP Device Host Elevation of Privilege Vulnerability

→ No new info (linked only)

CVSS 3.17.0 HIGH

VectorCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

10.0.14393.906010.0.17763.864410.0.19044.718410.0.19045.718410.0.22631.693610.0.26100.3269010.0.26200.824610.0.28000.18366.2.9200.260266.3.9600.2313210.0.20348.502010.0.25398.2274

CWECWE-416

PublishedApr 14, 2026

Last enriched6h agov2

Trending Score66

Source articles3

Independent3

Info Completeness9/14

Missing: title, epss, kev, iocs, mitre_attack