Windows AppLocker Driver Allows Local Privilege Escalation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.0

Windows AppLocker Driver Allows Local Privilege Escalation

CVE-2026-25184

Summary

An attacker with administrative access can exploit a flaw in the Windows AppLocker Driver to gain elevated privileges on a local machine, potentially allowing them to access or modify sensitive data. This issue affects machines running Windows with the AppLocker feature enabled. To protect against this vulnerability, ensure that Windows is fully updated with the latest security patches.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.0

Vulnerability type

CWE-362 Race Condition

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25184

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026