Windows WFP Filter Driver Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.0

Windows WFP Filter Driver Privilege Elevation Vulnerability

CVE-2026-27917

Summary

A software bug in Windows' WFP filter driver can allow an authorized user to gain elevated access to a system. This means an attacker with legitimate access to a computer can potentially gain even more access, potentially leading to data theft or system compromise. Affected systems should be updated with the latest Windows patches to prevent exploitation of this vulnerability.

Original title

Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.

Original description

Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.0

Vulnerability type

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27917

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026