Windows Extensible File Allocation Privilege Elevation Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Extensible File Allocation Privilege Elevation Risk

CVE-2026-25174

Summary

An attacker with authorized access can potentially exploit a weakness in Windows Extensible File Allocation on a Windows system, allowing them to gain elevated privileges. This could let them access sensitive data or perform unauthorized actions. To protect your system, update your Windows software with the latest security patches.

Original title

Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.

Original description

Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-125 Out-of-bounds Read

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25174

Published: 10 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026