Microsoft Brokering File System Privilege Escalation Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.4

Microsoft Brokering File System Privilege Escalation Risk

CVE-2026-32091

Summary

An attacker can potentially gain elevated access to sensitive files on a local system due to a flaw in the way Microsoft Brokering File System handles shared resources. This issue is significant because it could allow unauthorized access to sensitive data or system configuration. To mitigate this risk, ensure you keep your Microsoft products and systems up to date with the latest patches and security updates.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

nvd CVSS3.1 8.4

Vulnerability type

CWE-362 Race Condition

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32091

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026