Windows Encrypting File System (EFS) Privilege Escalation Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Encrypting File System (EFS) Privilege Escalation Risk

CVE-2026-26153

Summary

An authorized user on a Windows system can potentially exploit a weakness in the Encrypting File System, allowing them to gain elevated access to the system. This means an attacker with legitimate access to a Windows system could use this vulnerability to gain more powerful user privileges, potentially leading to further system compromise. Affected users should update their Windows systems to the latest security patches to prevent exploitation.

Original title

Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

Original description

Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-125 Out-of-bounds Read

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26153

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026